Cybersecurity Glossary of Terms

Zero-Day Vulnerability: A software vulnerability that is unknown to the vendor and has not been patched, making systems susceptible to attacks.

Learn more about 2

Blocking new threats in 5G mobile networks through robust encryption, authentication, and network slicing controls.

Learn more about 5G Security

The 5GHz band refers to a frequency range within the radio spectrum used by Wi-Fi networks for faster data transmission and reduced interference compared to the more common 2.4GHz band.

Learn more about 5GHz Band

The 6GHz band is a frequency range allocated by regulatory bodies for wireless communication devices, offering increased bandwidth and reduced interference for transmitting data wirelessly.

Learn more about 6GHz Band

802.11 Association is the process where a wireless client device establishes a connection and authenticates with a wireless access point to access a wireless network.

Learn more about 802.11 Association

802.11 Authentication is the process by which a wireless device proves its identity to another device on a Wi-Fi network to ensure secure access.

Learn more about 802.11 Authentication

802.1D refers to the original Spanning Tree Protocol, a network protocol that prevents loops in Ethernet networks by blocking redundant paths.

Learn more about 802.1D

802.1Q is a standard for VLAN tagging in Ethernet networks, allowing multiple VLANs to share a single physical network infrastructure.

Learn more about 802.1Q

802.1s is a standard for Multiple Spanning Tree Protocol (MSTP) in computer networking that allows multiple VLANs to be mapped to a single spanning tree instance, reducing the number of spanning tree instances needed in a network.

Learn more about 802.1s

802.1w is a standard for Rapid Spanning Tree Protocol (RSTP), which allows for faster convergence of network topology changes and reconfiguration of network paths in large network environments.

Learn more about 802.1w

802.1X is a standard for network access control that authenticates devices attempting to connect to a LAN or WLAN.

Learn more about 802.1X

802.1X (Wireless): A standard for port-based network access control that provides an authentication framework to devices attempting to connect to a network.

Learn more about 802.1X (Wireless)

802.1X Authentication is a protocol that provides network access control by authenticating and authorizing devices trying to connect to a network.

Learn more about 802.1X Authentication

Authentication, Authorization, and Accounting (AAA) is a security framework that controls access to network resources by verifying the identity of users, determining their level of access rights, and tracking their activities for auditing and billing purposes.

Learn more about AAA

AAA (Authentication, Authorization, Accounting) is a security framework that ensures only authorized users can access resources by verifying their identity (authentication), determining their level of access (authorization), and tracking their activity for auditing and billing purposes (accounting).

Learn more about AAA (Authentication, Authorization, Accounting)

AAA Framework refers to Authentication, Authorization, and Accounting, a security model used to control access to networks and resources by verifying the identity of users, determining their permissions, and tracking their activities.

Learn more about AAA Framework

ABAC (Attribute-Based Access Control) is a method of restricting access to resources based on attributes assigned to users, resources, and the environment in order to mitigate security risks.

Learn more about ABAC (Attribute-Based Access Control)

Acceptable risk is the level of potential harm or loss that an organization considers tolerable after analyzing threats, implementing controls, and weighing costs against benefits—acknowledging that all risk cannot be eliminated and establishing thresholds that balance security requirements with business objectives and resource limitations.

Learn more about Acceptable risk

Acceptable Use Policy: A set of rules and guidelines that define how an organization's computer systems and network resources should be utilized by employees and other users to ensure security, compliance, and productivity.

Learn more about Acceptable Use Policy

Tool blocking unauthorized access

Learn more about Access Blocker

Mechanisms to restrict resource access.

Learn more about Access control

List of permissions determining resource access rights

Learn more about Access Control List

A table defining user permissions.

Learn more about Access control matrix

Access Control Policy is a set of rules and procedures that define how users and systems can access and interact with resources within an organization's network, ensuring data confidentiality, integrity, and availability.

Learn more about Access Control Policy

Means to ensure that access to assets is authorized and restricted based on business and security requirements related to logical and physical systems.

Learn more about Access control system

The system decides if access is to be granted or denied based upon the validity of the token for the point where it is read based upon time, date, day, holiday, or other condition used for controlling validation.

Learn more about Access control tokens

Technique for data retrieval and manipulation

Learn more about Access Method

Device enabling wireless network connections

Learn more about Access Point

An access port is a network port on a device such as a switch used to connect end devices and allow data to enter and exit a specific VLAN.

Learn more about Access Port

An access-list is a set of rules that filters network traffic based on criteria such as source/destination IP addresses, port numbers, and protocols, used to control access to resources or protect a network from unauthorized access.

Learn more about Access-List

Temporary account disabling after failed attempts

Learn more about Account Lockout

Accountability ensures that account management has assurance that only authorized users are accessing the system and using it properly.

Learn more about Accountability

Accounting refers to the process of tracking and monitoring the activity of users accessing a system to ensure compliance with security policies and principles.

Learn more about Accounting

Acknowledgment in cybersecurity refers to a signal sent by the receiving end of a communication to indicate successful receipt of a message, often employed in network protocols like TCP.

Learn more about Acknowledgment

An Access Control List (ACL) is a list of permissions attached to an object that specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.

Learn more about ACL

ACL logging refers to the process of recording and monitoring access control lists (ACLs) to track and analyze network traffic and security events for identifying potential threats or unauthorized access attempts.

Learn more about ACL Logging

ACL Matching ensures that access control lists (ACLs) grant or deny network traffic based on defined rules and criteria, such as source or destination IP address, port number, or protocol.

Learn more about ACL Matching

ACL optimization refers to the process of refining access control lists to improve network performance and security by removing unnecessary rules and consolidating overlapping permissions.

Learn more about ACL Optimization

ACL placement refers to the strategic positioning of access control lists within a network to regulate and control the flow of traffic based on predetermined security policies and rules.

Learn more about ACL Placement

Active Authentication is a security process that requires users to provide additional forms of verification beyond a password, such as a fingerprint scan or one-time code, to access a system or application.

Learn more about Active Authentication

Microsoft directory service for network authentication and access control

Learn more about Active Directory

An active router refers to a network device that is currently functioning and processing data packets to enable communication between different network devices.

Learn more about Active Router

A Microsoft high-level interface for all kinds of data.

Learn more about ActiveX Data Objects

Microsoft data access technology

Learn more about Activex Data Objects ADO

AD Integration refers to the process of connecting and synchronizing an organization's Active Directory (AD) with other systems and applications for streamlined access control and centralized identity management.

Learn more about AD Integration

Risk-based authentication system

Learn more about Adaptive Authentication

Dynamic security approach that adapts to changing threats

Learn more about Adaptive security

Is used at the Media Access Control (MAC) Layer to provide for direct communication between two devices within the same LAN segment.

Learn more about Address Resolution Protocol

Mapping IP addresses to hardware addresses

Learn more about Address Resolution Protocol ARP

Administrative Access refers to privileged access rights given to users or systems for managing, configuring, and maintaining IT systems and networks.

Learn more about Administrative Access

Administrative Distance: A metric used in routing protocols to determine the reliability of a route, with lower values indicating more trusted routes over higher values.

Learn more about Administrative Distance

Data access technology for NET applications.

Learn more about ADONET

Standard symmetric encryption algorithm

Learn more about Advanced Encryption Standard

Advanced Persistent Threat (APT) is a sophisticated, prolonged cyber attack where highly skilled threat actors gain unauthorized access to a network and remain undetected for extended periods while systematically mapping the target's infrastructure, escalating privileges, and exfiltrating sensitive data to achieve specific strategic objectives.

Learn more about Advanced Persistent Threat

Prolonged targeted cyber attack

Learn more about Advanced Persistent Threat APT

Detection of sophisticated security threats

Learn more about Advanced threat detection

Security solution for detecting advanced threats

Learn more about Advanced Threat Protection

Study of attacks against machine learning systems

Learn more about Adversarial machine learning

Tricking AI with cunning inputs so it misclassifies or reveals data, bypassing traditional defenses.

Learn more about Adversarial Machine Learning Techniques

Entity attempting to compromise security systems

Learn more about Adversary

Software that displays unwanted ads

Learn more about Adware

AES (Advanced Encryption Standard) is a symmetric encryption algorithm used to secure sensitive data by encoding it into an unreadable format requiring a secret key to decrypt.

Learn more about AES

Encryption key length specification

Learn more about AES Key Size

AH (Authentication Header) is a protocol used in IPsec to provide connectionless integrity and data origin authentication for IP datagrams, ensuring that the data has not been altered or tampered with during transmission.

Learn more about AH

Ensuring artificial intelligence systems don’t cause unintended harm or dangerous outcomes—covering robustness, bias, security, and alignment.

Learn more about AI Safety

Physical isolation of secure networks

Learn more about Air Gap

Aircrack-ng is a suite of software tools used for assessing Wi-Fi network security by testing the vulnerability of wireless networks through password cracking and packet sniffing.

Learn more about Aircrack-ng

A mathematical function that is used in the encryption and decryption processes.

Learn more about Algorithm

Always-On VPN is a configuration that ensures a device connects to a Virtual Private Network (VPN) automatically and remains connected at all times, providing continuous protection for network traffic.

Learn more about Always-On VPN

"AMP for Endpoints is an advanced security solution that detects, prevents, and responds to security threats on endpoint devices."

Learn more about AMP for Endpoints

AMP for Networks is a cybersecurity solution that combines advanced malware protection technologies such as sandboxing, file trajectory, and retrospective security to detect and block threats across organizational networks.

Learn more about AMP for Networks

Identifying unusual system behaviors that may indicate threats

Learn more about Anomaly detection

Anomaly-based Detection is a method of detecting cyber threats by establishing a baseline of normal system behavior and flagging deviations from it as potential security incidents.

Learn more about Anomaly-based Detection

Ansible is an open-source configuration management and orchestration tool used for automating deployment, configuration, and management of IT infrastructure.

Learn more about Ansible

An Ansible Playbook is a configuration file written in YAML format that defines a set of tasks to be executed by the Ansible automation tool, allowing for the deployment and management of systems in a consistent and repeatable manner.

Learn more about Ansible Playbook

Antenna Gain is a measure of the increase in power that a transmitting antenna provides in a specific direction, compared to a hypothetical ideal isotropic antenna.

Learn more about Antenna Gain

Software that detects and removes malicious programs.

Learn more about Antivirus

Anycast is a networking technique where the same IP address is assigned to multiple servers, and data is routed to the server nearest to the requester, improving performance and redundancy.

Learn more about Anycast

Anycast RP is a routing technique where multiple routers advertise the same IP address, enabling clients to connect to the closest router for faster and more efficient data transmission.

Learn more about Anycast RP

API call is a process in which one software program requests data or services from another software program by sending a message over an application programming interface.

Learn more about API Call

A service or appliance managing and securing API calls by routing requests, enforcing policies, and controlling access to backend services.

Learn more about API Gateway

An API Gateway is a centralized security and management layer that controls, routes, and protects API interactions between clients and backend services, providing a single entry point for authentication, traffic management, and comprehensive monitoring of digital communications.

Learn more about API Security

Checking that an API handles requests safely, preventing injection, broken auth, or data exposure.

Learn more about API Security Testing

Automatic IP address allocation feature

Learn more about APIPA

Application Filtering is a cybersecurity method that selectively allows or blocks network traffic based on the specific application or service generating the data.

Learn more about Application Filtering

Application Monitoring is the process of observing and analyzing the performance, availability, and behavior of software applications to ensure they operate correctly and securely.

Learn more about Application Monitoring

An Application Object in cybersecurity refers to a software entity representing a real-world object within an application, allowing for structured data handling and manipulation during runtime.

Learn more about Application Object

Protecting applications from security threats

Learn more about Application Security

Application Visibility refers to the ability to monitor and analyze the network traffic generated by specific applications to gain insight into their usage, performance, and potential security risks.

Learn more about Application Visibility

Application-Aware Routing is a network routing technique that directs traffic based on the specific applications or services being used, rather than just the destination IP address, in order to optimize performance and security.

Learn more about Application-Aware Routing

Advanced Persistent Threat (APT) refers to a sophisticated, targeted cyberattack conducted by skilled threat actors with specific objectives, including gaining unauthorized access to networks, stealing sensitive data, and maintaining long-term access undetected.

Learn more about APT

Organized team conducting advanced attacks

Learn more about APT Group

ARP (Address Resolution Protocol) is a communication protocol used to map an IP address to a physical machine's MAC address in a local network.

Learn more about ARP

An attack that manipulates ARP tables.

Learn more about ARP cache poisoning

A malicious network technique that hijacks ARP communications to intercept and manipulate traffic by falsely associating an attacker's device with legitimate network IP addresses.

Learn more about ARP Poisoning

ARP Spoofing is a technique used by malicious actors to spoof or impersonate network devices by sending false Address Resolution Protocol (ARP) messages in order to redirect traffic to a different device.

Learn more about ARP Spoofing

Memory randomization security technique

Learn more about ASLR

An item perceived as having value.

Learn more about Asset

Categorizing assets by importance and sensitivity.

Learn more about Asset classification

A comprehensive list of an organizations assets.

Learn more about Asset inventory

The phases that an asset goes through from creation (collection) to destruction.

Learn more about Asset lifecycle

Systematic tracking and management of assets.

Learn more about Asset management

Assurance is the confidence level that security controls are designed and operating effectively to protect information assets.

Learn more about Assurance

Not identical on both sides. In cryptography, key pairs are used, one to encrypt, the other to decrypt.

Learn more about Asymmetric

Specific test case for security validation

Learn more about Atomic test

Sequential model of attack progression

Learn more about Attack Chain

Different security testing methods find different vulnerability types.

Learn more about Attack surface

Identifying, monitoring, and reducing all potential entry points where an attacker might attempt to breach a system or network.

Learn more about Attack Surface Management

Diagramming all possible ways attackers could break in or cause harm, helping teams prioritize defenses.

Learn more about Attack Tree Analysis

Path used by attackers to access systems

Learn more about Attack vector

Verification of system integrity status

Learn more about Attestation

This is an access control paradigm whereby access rights are granted to users with policies that combine attributes together.

Learn more about Attribute Based Access Control

Access control using attributes

Learn more about Attribute Based Access Control ABAC

The tools, processes, and activities used to perform compliance reviews.

Learn more about Audit

Systematic examination of security practices

Learn more about Audit Auditing

Recording system events for security analysis

Learn more about Audit Logging

Audit scope refers to the boundaries and objectives of an audit, defining what areas, systems, or processes will be reviewed and the goals of the assessment.

Learn more about Audit Scope

A record of system activities for accountability.

Learn more about Audit trail

Digital credential for user authentication

Learn more about Auth Token

The process of verifying identity.

Learn more about Authentication

Tiers indicating how certain you can be about a user’s identity, from simple passwords to strong hardware-based proofs.

Learn more about Authentication Assurance Levels

Component used to verify user identity

Learn more about Authentication factor

Protocol providing IP packet authentication

Learn more about Authentication Header

Authentication Policy is a set of rules and criteria that govern the methods and requirements for verifying the identity of users and allowing access to systems or data within an organization.

Learn more about Authentication Policy

Rules for verifying user identity

Learn more about Authentication Protocol

An Authentication Server is a system that verifies the credentials of users attempting to access a network or application, ensuring only authorized individuals gain entry.

Learn more about Authentication Server

An authenticator is a security measure that verifies the identity of a user attempting to access a system or application, typically through something the user knows (password), possesses (security token), or is (biometric data).

Learn more about Authenticator

The process of defining the specific resources a user needs and determining the type of access to those resources the user may have.

Learn more about Authorization

The Authorization Header is a component of HTTP requests that carries credentials for authenticating the client accessing a server, often using tokens like OAuth or API keys.

Learn more about Authorization Header

An Authorization Matrix is a document that outlines an organization's access control policies, specifying which users or groups have permission to access specific resources or perform certain actions within a system.

Learn more about Authorization Matrix

Authorization Policy is a set of rules specifying what actions a user or entity is allowed to perform within a system, based on their identity, role, permissions, and other attributes.

Learn more about Authorization Policy

Auto Negotiation is a network protocol that allows devices to automatically establish communication capabilities, such as speed and duplex settings, to enable data transmission between them.

Learn more about Auto Negotiation

Auto-MDIX is a feature in networking devices that automatically detects and configures the correct polarity for Ethernet cables, enabling devices to connect seamlessly without the need for a crossover cable.

Learn more about Auto-MDIX

Auto-summary is a feature in routing protocols that automatically summarizes network address prefixes at network boundaries to reduce the size of routing tables.

Learn more about Auto-summary

Automation testing refers to the use of software tools and scripts to automate the execution of test cases in order to enhance the efficiency, coverage, and accuracy of testing processes in software development.

Learn more about Automation Testing

Automation Workflow refers to the design, execution, and management of automated sequences of actions that streamline and standardize cybersecurity processes within an organization.

Learn more about Automation Workflow

An Autonomous Access Point is a standalone Wi-Fi device that operates independently without requiring a central controller to manage network traffic and security settings.

Learn more about Autonomous Access Point

Ensuring timely and reliable access to and use of information by authorized users.

Learn more about Availability

An Availability Zone is a distinct location within an Azure region that is made up of one or more datacenters equipped with independent power, cooling, and networking.

Learn more about Availability Zone

Security education for employees

Learn more about Awareness Training

Method to bypass security and gain unauthorized system access

Learn more about Backdoor

Backdoor Detection is the process of identifying and eliminating unauthorized access points in a system that could be exploited by attackers to gain entry into a network or application.

Learn more about Backdoor Detection

Copy of data stored separately for disaster recovery

Learn more about Backup

Backup Integrity Verification is the process of confirming the accuracy and completeness of backed-up data through checksums, validation techniques, and periodic testing to ensure data integrity and availability in case of data loss or corruption.

Learn more about Backup Integrity Verification

Bandwidth guarantee ensures that a certain minimum level of bandwidth is allocated to a network service or application to maintain performance and availability.

Learn more about Bandwidth Guarantee

Intentional limiting of network traffic rates for security purposes

Learn more about Bandwidth Throttling

Baseline Configuration Management is the process of establishing a set of standards for hardware, software, and network configurations to ensure consistency and security across an organization's IT infrastructure.

Learn more about Baseline Configuration Management

Baseline Security refers to the minimum level of security controls and measures that must be implemented to protect an organization's information and assets against common threats and vulnerabilities.

Learn more about Baseline Security

A minimum level of security.

Learn more about Baselines

Establishing normal operational patterns to detect anomalies

Learn more about Baselining

Behavior-based detection is a cybersecurity technique that focuses on monitoring and analyzing activities of users, applications, and systems to identify potential threats based on deviations from normal behavior patterns.

Learn more about Behavior-Based Detection

Behavioral Access Control refers to a security measure that assesses and adapts user access based on their behavior patterns and activities within a system to prevent unauthorized access.

Learn more about Behavioral Access Control

Behavioral Analytics in cybersecurity refers to the monitoring and analysis of user behavior patterns to identify potential security risks and threats on a network or system.

Learn more about Behavioral Analytics

Using human behavior for identification

Learn more about Behavioral Biometrics

Behavioral biometrics detection is a cybersecurity method that analyzes patterns in user behavior, such as typing speed or mouse movements, to authenticate and identify individuals.

Learn more about Behavioral Biometrics Detection

Behavioral Firewall is a security system that monitors and analyzes the behavior of users or applications to detect and prevent potential security threats or anomalous activities on a network.

Learn more about Behavioral Firewall

Behavioral Threat Intelligence is a cybersecurity approach that focuses on monitoring and analyzing users' habits and patterns to identify potential security threats within an organization's network.

Learn more about Behavioral Threat Intelligence

Standards used for comparison and evaluation.

Learn more about Benchmarks

Best Effort Traffic refers to a network communication approach where data packets are transmitted without guarantees for delivery, reliability, or quality of service.

Learn more about Best Effort Traffic

BFD (Bidirectional Forwarding Detection): A network protocol used to quickly detect link failures in IP networks by monitoring the forwarding path between adjacent routers.

Learn more about BFD (Bidirectional Forwarding Detection)

BGP (Border Gateway Protocol) is a standardized exterior gateway protocol to facilitate the exchange of routing information between different autonomous systems on the internet.

Learn more about BGP

BGP ASN (Border Gateway Protocol Autonomous System Number) is a unique identifier assigned to an autonomous system for the purpose of routing traffic on the Internet.

Learn more about BGP ASN

BGP Communities are tags attached to BGP route advertisements that help routers make filtering and routing decisions based on defined policies.

Learn more about BGP Communities

BGP flap is the continuous and rapid change in BGP route advertisement announcements due to frequent status updates, potentially causing network instability and performance issues.

Learn more about BGP Flap

BGP Hijacking is a malicious internet routing attack that manipulates Border Gateway Protocol routing tables to fraudulently redirect network traffic, enabling large-scale interception and control of global internet communications.

Learn more about BGP Hijacking

BGP Local Preference is a parameter used in Border Gateway Protocol (BGP) to influence outbound traffic flow by indicating the preferred exit point from an autonomous system.

Learn more about BGP Local Preference

BGP MED (Border Gateway Protocol Multi-Exit Discriminator) is an attribute that influences incoming traffic routing decisions by indicating the preferred exit point for traffic leaving an Autonomous System.

Learn more about BGP MED

BGP (Border Gateway Protocol) Path Selection refers to the process by which routers determine the best route for traffic to take based on various criteria such as shortest AS path length, shortest prefix length, and local preference attributes.

Learn more about BGP Path Selection

BGP peering refers to the establishment of a direct connection between two Border Gateway Protocol (BGP) routers for the purpose of exchanging routing information and ensuring efficient data transmission between autonomous systems in a network.

Learn more about BGP Peering

BGP Security comprises protective technologies and protocols designed to authenticate, validate, and secure internet routing information, preventing malicious manipulation of global network communications.

Learn more about BGP Security

BGP Weight is an attribute in Border Gateway Protocol (BGP) used to influence the best path selection process by assigning a numerical value to routes, with higher values indicating preference.

Learn more about BGP Weight

A system using 0 and 1 to represent values.

Learn more about Binary

Rules ensuring accurate and safe use of fingerprint, face, or iris recognition to avoid spoofing and protect personal data.

Learn more about Biometric Authentication Standards

A Biometric Policy is a set of guidelines and procedures that govern the collection, storage, and usage of biometric data for authentication or identification purposes within an organization.

Learn more about Biometric Policy

Authentication using unique physical or behavioral characteristics

Learn more about Biometrics

BIOS Security refers to safeguarding the Basic Input/Output System from unauthorized access or modifications, ensuring the integrity and authenticity of the firmware that initializes hardware components during the boot process.

Learn more about BIOS Security

Most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.

Learn more about Bit

Testing without internal knowledge

Learn more about Black Box Testing

A Black Hat refers to a hacker who exploits computer systems for malicious purposes or personal gain.

Learn more about Black Hat

Malicious hacker performing unauthorized system intrusions

Learn more about Black Hat Hacker

Security method blocking access to known malicious entities

Learn more about Blacklisting

Blockchain is a decentralized digital ledger technology that records transactions across multiple computers in a way that ensures the data cannot be altered retroactively, using cryptographic principles to create transparent, immutable, and chronological records without requiring a central authority, enabling secure peer-to-peer transactions and automated agreements through smart contracts.

Learn more about Blockchain

Blockchain access control refers to the process of regulating and managing permissions within a blockchain network to ensure only authorized users can interact with data or perform certain actions.

Learn more about Blockchain Access Control

Blockchain forensics refers to the process of analyzing blockchain data to investigate and gather evidence related to transactions, addresses, and activities on a blockchain network.

Learn more about Blockchain Forensics

Preventing tampering or attacks on decentralized ledgers, including node misconfigurations, 51% attacks, and key theft.

Learn more about Blockchain Security

A blocked port refers to a network port that has been closed off to prevent unauthorized access or communication.

Learn more about Blocked Port

Security team focused on defending against cyber attacks

Learn more about Blue Team

Blue/Red Team Integration refers to the collaborative effort between defensive (Blue Team) and offensive (Red Team) teams within an organization to simulate real-world attacks, identify weaknesses, and enhance overall cybersecurity posture.

Learn more about Blue/Red Team Integration

Sending unsolicited messages via Bluetooth.

Learn more about BlueJacking

Unauthorized data access via Bluetooth.

Learn more about BlueSnarfing

Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and it has been integrated into many types of business and consumer devices.

Learn more about Bluetooth

A low power variant of Bluetooth for short range communication.

Learn more about Bluetooth Low Energy BLE

Protection mechanisms for Bluetooth wireless communications

Learn more about Bluetooth Security

Standard for short range wireless connectivity

Learn more about Bluetooth Wireless Personal Area Network IEEE 802 15

Malware targeting computer boot sectors

Learn more about Boot Sector Virus

BootP (Bootstrap Protocol) is a network protocol used to automatically assign IP addresses to devices on a network when they boot up.

Learn more about BootP

Bot Command and Control (C2) refers to the centralized server or servers that issue commands to a network of compromised devices or "bots" to carry out malicious activities.

Learn more about Bot Command and Control

Network of compromised computers controlled remotely by attackers

Learn more about Botnet

Botnet Detection is the process of identifying and mitigating network traffic and patterns associated with malicious botnet activity using intrusion detection systems, machine learning algorithms, and behavioral analysis techniques.

Learn more about Botnet Detection

Protection of network perimeter against unauthorized access

Learn more about Boundary Defense

BPDU stands for Bridge Protocol Data Unit, which is a data message transmitted between switches in a network to prevent loops and ensure loop-free spanning tree configurations.

Learn more about BPDU

BPDU Filter is a feature in network switches that blocks Bridge Protocol Data Units (BPDUs) from being received or transmitted, helping to prevent loops in the network topology.

Learn more about BPDU Filter

BPDU Guard is a feature used in network switches to prevent unauthorized switches from participating in the Spanning Tree Protocol by placing interfaces into an error-disabled state when receiving Bridge Protocol Data Units (BPDUs).

Learn more about BPDU Guard

Unauthorized access to sensitive protected information

Learn more about Breach

Breach Detection System: A security tool designed to detect unauthorized access or activities within a network or system, helping to identify potential security breaches promptly.

Learn more about Breach Detection System

Bridge ID is a unique identifier used in spanning tree protocol (STP) to determine the hierarchy of bridges in a network, with the lower Bridge ID indicating higher priority.

Learn more about Bridge ID

Layer 2 devices that filter traffic between segments based on Media Access Control (MAC) addresses.

Learn more about Bridges

Bridging Loop refers to a network issue where multiple switches create a loop resulting in broadcast storms and network congestion due to duplicate frames circulated indefinitely.

Learn more about Bridging Loop

Policies and controls to secure personal devices used for work, balancing convenience with data protection.

Learn more about Bring Your Own Device BYOD Security

Broadcast is a network transmission method where data is sent to all devices in a network without any encryption or specific recipient, potentially exposing sensitive information to unauthorized users.

Learn more about Broadcast

A network segment for broadcast traffic.

Learn more about Broadcast domain

Broadcast Storm occurs when a network device continuously broadcasts a large number of packets, causing network congestion and disrupting normal operations.

Learn more about Broadcast Storm

Tracking users by collecting unique browser settings and characteristics without cookies, raising privacy/security concerns.

Learn more about Browser Fingerprinting

Isolating web browsing activity for security

Learn more about Browser Isolation

Separates web browsing processes from the local device or network, often running them in a remote container to reduce the risk of malware.

Learn more about Browser Isolation Technology

Protective measures within web browsers against online threats

Learn more about Browser Security

Systematic trial of all key combinations

Learn more about Brute Force Attack

BSSID, or Basic Service Set Identifier, is a unique identifier assigned to a wireless Access Point (AP) in a wireless local area network (WLAN) that allows devices to differentiate between different APs.

Learn more about BSSID

A buffer is a temporary storage area within a computer's memory used to hold data before it is processed, helping prevent overflow errors and enhancing system efficiency.

Learn more about Buffer

Buffer Management is the process of overseeing and optimizing the utilization of memory buffers to prevent buffer overflows and enhance system security.

Learn more about Buffer Management

Memory vulnerability when a program exceeds allocated buffer space

Learn more about Buffer Overflow

Program rewarding vulnerability reporting

Learn more about Bug Bounty

Initiative rewarding discovery and reporting of security vulnerabilities

Learn more about Bug Bounty Program

Actions, processes, and tools for ensuring an organization can continue critical operations during a contingency.

Learn more about Business continuity

Business Continuity and Disaster Recovery is a strategic approach to maintaining critical business operations and rapidly recovering from unexpected disruptions through comprehensive planning, technological solutions, and resilient organizational strategies.

Learn more about Business Continuity and Disaster Recovery

Ensuring business operations continue during disasters

Learn more about Business Continuity BC

Strategy ensuring operations continue during cybersecurity incidents

Learn more about Business Continuity Planning

Business Impact Analysis is a strategic assessment process that identifies, quantifies, and evaluates the potential financial and operational consequences of disruptions to critical business functions.

Learn more about Business Impact Analysis

Assessment of business disruption impact

Learn more about Business Impact Analysis BIA

Policy allowing personal devices for work purposes

Learn more about BYOD

A unit of digital information consisting of eight bits.

Learn more about Byte

Cable Management refers to the organization and arrangement of cables in a network infrastructure to improve efficiency, maintenance, and reduce the risk of disconnection or damage.

Learn more about Cable Management

CAM Table: A Content Addressable Memory (CAM) Table is a networking device's listing of MAC addresses and corresponding port locations to efficiently forward data within a local area network.

Learn more about CAM Table

Maturity model focused on quality management processes and has five maturity levels that contain several key practices within each maturity level.

Learn more about Capability Maturity Model for Software

Framework to assess and improve software processes

Learn more about Capability Maturity Model For Software Or Software Capability Maturity Model CMM Or SW CMM

A Captive Portal is a web page that requires users to interact with it before granting access to a network, commonly used for authentication or accepting terms of use.

Learn more about Captive Portal

CAPWAP stands for Control and Provisioning of Wireless Access Points, which is a network protocol used for communication between wireless controllers and access points in a centralized wireless LAN architecture.

Learn more about CAPWAP

CBWFQ (Class-Based Weighted Fair Queuing) is a quality of service mechanism in computer networking that allows for prioritization and allocation of bandwidth based on defined classes and weights.

Learn more about CBWFQ (Class-Based Weighted Fair Queuing)

Meeting California’s consumer privacy regulations that mandate how personal data is collected, used, and protected.

Learn more about CCPA CPRA Compliance

Handling Californians’ requests to see, delete, or correct personal data under CCPA and CPRA.

Learn more about CCPA Data Rights Management

Continuous Data Protection (CDP) is a method used to ensure that data is constantly backed up in real-time to prevent loss due to hardware failures, disasters, or cyber attacks.

Learn more about CDP

CDP (Cisco Discovery Protocol) is a proprietary Cisco protocol that enables devices to share information about each other, such as the device type, IP address, and software version, to facilitate network management and troubleshooting.

Learn more about CDP (Cisco Discovery Protocol)

Cisco SD-WAN cEdge refers to a cloud edge router used to connect branch offices securely to the cloud for optimized performance and security.

Learn more about cEdge

A radio network distributed over land areas called cells, each served by at least one fixed-location transceiver, known as a cell site or base station.

Learn more about Cellular Network

Centralized Authentication is the process of verifying a user's identity across multiple systems or applications by storing and managing authentication credentials in a single, central location.

Learn more about Centralized Authentication

A certificate is a digital document issued by a Certificate Authority verifying the identity of an entity and binding a public key to that entity, commonly used in SSL/TLS for securing communication over networks.

Learn more about Certificate

Certificate Authentication is a process that involves verifying the authenticity of a digital certificate to ensure the identity of the communicating parties in a secure manner.

Learn more about Certificate Authentication

An entity trusted by one or more users as an authority that issues, revokes, and manages digital certificates tof bind individuals and entities to their public keys.

Learn more about Certificate authority

Entity that issues digital certificates

Learn more about Certificate Authority CA

A certificate chain is a sequence of certificates, where each certificate is signed by the subsequent certificate, verifying the authenticity of a public key and the identity of the certificate holder.

Learn more about Certificate Chain

Associating a host with its expected certificate

Learn more about Certificate Pinning

Locking apps to known certificates so fake certs don’t fool them, preventing rogue CA or MITM impersonation.

Learn more about Certificate Pinning Implementation

A framework for publicly logging all issued digital certificates, making it easier to detect fraudulent or misissued certificates.

Learn more about Certificate Transparency

Documentation of evidence handling.

Learn more about Chain of custody

Change Detection is the process of identifying and monitoring any modifications made to systems, applications, or configurations to detect unauthorized changes that could potentially indicate a security breach.

Learn more about Change Detection

A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment.

Learn more about Change management

Channel bonding is the practice of combining multiple network connections in parallel to increase bandwidth and provide redundancy, improving network performance and reliability.

Learn more about Channel Bonding

A Channel Group in networking is a logical grouping of physical interfaces that provides increased bandwidth and redundancy by bundling multiple connections into a single aggregated link.

Learn more about Channel Group

Channel Overlap refers to the situation in wireless networks where multiple devices use the same frequency channels concurrently, leading to interference and degraded network performance.

Learn more about Channel Overlap

Checksum is a verification method used to ensure data integrity by generating a fixed-size numerical value based on the data being transmitted, which can be compared at the receiving end to detect any alterations or errors during transmission.

Learn more about Checksum

The CIA Triad is a fundamental security model that defines the three key objectives of information security: Confidentiality (protecting data from unauthorized access), Integrity (ensuring data remains accurate and unaltered), and Availability (guaranteeing reliable access to information when needed).

Learn more about CIA Triad

CIDR (Classless Inter-Domain Routing) is a method used to allocate and manage IP addresses more efficiently by allowing for variable-length subnet masking, enabling the aggregation of IP addresses into a single routing table entry.

Learn more about CIDR

An algorithm for encrypting or decrypting data.

Learn more about Cipher

The altered form of a plaintext message, so as to be unreadable for anyone except the intended recipients. Something that has been turned into a secret.

Learn more about Ciphertext

CIR (Committed Information Rate) is the minimum guaranteed data transfer rate in a network service agreement, ensuring a specified bandwidth threshold is always available for the subscriber.

Learn more about CIR (Committed Information Rate)

Cisco Advanced Malware Protection (AMP) is a comprehensive security solution that uses advanced malware detection and prevention techniques to protect endpoints, networks, and email.

Learn more about Cisco AMP

Cisco AnyConnect is a VPN client software developed by Cisco that provides secure remote access to enterprise networks.

Learn more about Cisco AnyConnect

Cisco ASA (Adaptive Security Appliance) is a firewall and intrusion prevention system that provides network security and threat protection for data centers, enterprises, and small to medium-sized businesses.

Learn more about Cisco ASA

Cisco Catalyst Center is a network management tool that provides centralized visibility and control over Cisco Catalyst switches for configuration and monitoring purposes.

Learn more about Cisco Catalyst Center

Cisco DNA Center is a centralized network management and control platform that enables automation, assurance, and analytics for enterprise networks.

Learn more about Cisco DNA Center

Cisco FMC (Firepower Management Center) is a centralized security management system that provides visibility, control, and automation for managing Cisco network security solutions.

Learn more about Cisco FMC

Cisco Firepower Threat Defense (FTD) is an integrated security platform that combines firewall capabilities, intrusion prevention, and advanced threat protection to detect, block, and remediate cybersecurity attacks.

Learn more about Cisco FTD

Cisco IBN stands for Cisco Intent-Based Networking, a networking technology that uses automation and machine learning to configure, optimize, and secure network infrastructure based on business intent.

Learn more about Cisco IBN

Cisco ISE (Identity Services Engine) is a security policy management platform that provides secure access to network resources based on user identity and device type.

Learn more about Cisco ISE

Cisco Prime Infrastructure is a network management tool that provides centralized visibility and control for wired and wireless networks, helping to streamline operations and improve security.

Learn more about Cisco Prime Infrastructure

Cisco pyATS is a network automation framework designed to streamline and simplify testing and validation of network devices and services.

Learn more about Cisco pyATS

Cisco Sandbox Lab is a virtual environment provided by Cisco for testing and analyzing potential security threats and vulnerabilities in a controlled setting before deploying new network configurations or security measures.

Learn more about Cisco Sandbox Lab

Cisco Secure Email is a comprehensive email security solution developed by Cisco Systems to protect against advanced email threats, spam, phishing, and data loss.

Learn more about Cisco Secure Email

Cisco Secure Endpoint is a cybersecurity solution that combines advanced threat prevention, detection, investigation, and response capabilities to protect against sophisticated malware and threats on endpoints.

Learn more about Cisco Secure Endpoint

Cisco Secure Firewall is a hardware- or software-based network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules to protect the network from unauthorized access or malicious activity.

Learn more about Cisco Secure Firewall

Cisco SecureX is an integrated cloud-native security platform by Cisco that provides visibility, threat detection, and automation across security products.

Learn more about Cisco SecureX

Cisco Snort is an open-source network intrusion prevention system (NIPS) that uses signature-based detection to monitor and analyze network traffic for malicious activity.

Learn more about Cisco Snort

Cisco ThousandEyes is a network monitoring tool that provides visibility into network performance, detects outages, and analyzes digital experience delivered to users.

Learn more about Cisco ThousandEyes

Cisco Threat Grid is a cloud-based malware analysis and threat intelligence platform that provides automated malware analysis capabilities for organizations to detect and analyze potential threats.

Learn more about Cisco Threat Grid

Cisco Umbrella is a cloud security platform that provides secure web gateway, DNS-layer security, and cloud-delivered firewall functionalities to protect users from internet threats.

Learn more about Cisco Umbrella

Class Map is a component of Cisco's modular QoS CLI used to define traffic matching criteria in order to classify and differentiate types of network traffic for quality of service (QoS) policies.

Learn more about Class Map

Class-based Weighted Fair Queuing (WFQ) is a QoS mechanism that prioritizes different classes of traffic based on defined parameters to ensure bandwidth allocation based on application requirements.

Learn more about Class-based WFQ

Arrangement of assets into categories.

Learn more about Classification

The removal of sensitive data from storage devices in such a way that there is assurance that the data may not be reconstructed using normal system functions or software recovery utilities.

Learn more about Clearing

CLI debugging is the process of identifying and resolving software or network issues by analyzing detailed log messages generated by a command-line interface.

Learn more about CLI Debugging

A Cloud Access Security Broker (CASB) is a security tool that acts as an intermediary between users and cloud service providers to monitor and manage access to cloud resources, enforce security policies, and ensure data protection in cloud environments.

Learn more about Cloud Access Security Broker (CASB)

Security enforcement for cloud services

Learn more about Cloud Access Security Broker CASB

Deploying a service layer that enforces security policies and monitors data transfers between users and cloud platforms.

Learn more about Cloud Access Security Broker Implementation

Cloud Edge refers to the perimeter where an organization's network interfaces with the cloud infrastructure, enabling secure and efficient communication between on-premises systems and cloud services.

Learn more about Cloud Edge

A Cloud Gateway is a networking device that connects on-premises networks to cloud-based resources, ensuring secure and efficient communication between them.

Learn more about Cloud Gateway

Managing and securing the permissions, roles, and accounts in multi-cloud environments to prevent excessive or unauthorized access.

Learn more about Cloud Infrastructure Entitlement Management CIEM

Cloud NAT is a Google Cloud service that allows virtual machine instances without external IP addresses to access the internet by translating their private IP addresses to a specific range of external IP addresses.

Learn more about Cloud NAT

Cloud networking is the practice of interconnecting multiple servers, storage, and networking resources in a virtualized environment to deliver scalable and flexible network services over the internet.

Learn more about Cloud Networking

Cloud OnRamp is a networking technology that securely connects users and branch offices to cloud services efficiently and with optimized performance.

Learn more about Cloud OnRamp

Protection of cloud based resources

Learn more about Cloud Security

A cloud security stamp of approval showing robust controls, integrating the CSA Cloud Controls Matrix and ISO 27001.

Learn more about Cloud Security Alliance STAR Certification

Tools and processes that continuously detect and address configuration and compliance risks in cloud environments.

Learn more about Cloud Security Posture Management CSPM

A solution designed to secure workloads in various cloud environments, providing features like threat detection, compliance checks, and runtime protection.

Learn more about Cloud Workload Protection Platform CWPP

Co-Channel Interference refers to interference caused by multiple devices transmitting on the same frequency in wireless communication networks, which can degrade the quality of the signal and impact network performance.

Learn more about Co-Channel Interference

CoA (Change of Authorization) is the process of updating or altering the access rights of a user or device during an active session, often used in network access control systems to dynamically adjust permissions based on changing security requirements.

Learn more about CoA (Change of Authorization)

Every call's data is encoded with a unique key, then the calls are all transmitted at once.

Learn more about Code division multiple access CDMA

A collision domain is a network segment where data packets can collide due to shared access to the same communication channel, typically in Ethernet environments without collision detection mechanisms like switches.

Learn more about Collision Domain

A Microsoft technology for software components.

Learn more about COM

Command and Control (C2) is a term used in cybersecurity to describe the communication and coordination channel established by attackers to remotely manage compromised systems and coordinate malicious activities.

Learn more about Command and Control

A communication channel through which attackers remotely direct compromised systems and extract data or execute malicious commands.

Learn more about Command and Control C2

A set of standards that addresses the need for interoperability between hardware and software products.

Learn more about Common Object Request Broker Architecture CORBA

A standard rating for software vulnerabilities’ severity, guiding how urgent remediation should be.

Learn more about Common Vulnerability Scoring System CVSS

Adherence to a mandate; both the actions demonstrating adherence and the tools, processes, and documentation that are used in adherence.

Learn more about Compliance

A compliance check is a process used to assess whether an organization's policies, procedures, and operations align with regulatory requirements and industry standards to ensure adherence to relevant laws and guidelines.

Learn more about Compliance Check

Compliance monitoring is the process of regularly assessing an organization’s adherence to regulatory requirements, industry standards, and internal policies to ensure ongoing alignment with established guidelines.

Learn more about Compliance Monitoring

A Compliance Report in cybersecurity refers to a detailed document that outlines an organization's adherence to specific regulatory requirements, standards, or best practices regarding security controls and processes.

Learn more about Compliance Report

A program written with functions and intent to copy and disperse itself without the knowledge and cooperation of the owner or user of the computer.

Learn more about Computer virus

Multiplex connected devices into one signal to be transmitted on a network.

Learn more about Concentrators

This criterion requires sufficient test cases for each condition in a program decision to take on all possible outcomes at least once. It differs from branch coverage only when multiple conditions must be evaluated to reach a decision.

Learn more about Condition coverage

Confederation is a network security model where separate autonomous systems agree to exchange routing information and cooperate in a limited manner to optimize the flow of data.

Learn more about Confederation

Using hardware-based enclaves to protect data in use from unauthorized inspection or modification.

Learn more about Confidential Computing

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.

Learn more about Confidentiality

Configuration Archive refers to a repository storing historical configuration states of IT systems and network devices, aiding in rollback, recovery, and auditing processes for maintaining operational stability and security.

Learn more about Configuration Archive

Configuration Drift refers to the gradual divergence of system configurations from their intended state due to unauthorized changes, which can potentially introduce vulnerabilities and impact security.

Learn more about Configuration Drift

Maintaining system consistency through documented changes.

Learn more about Configuration management

A formal, methodical, comprehensive process for establishing a baseline of the IT environment (and each of the assets within that environment).

Learn more about Configuration management CM

Configuration Standard refers to a set of guidelines and best practices used to establish consistent, secure configurations for hardware, software, and network devices to minimize security vulnerabilities and ensure compliance with security policies.

Learn more about Configuration Standard

Provided by mixing (changing) the key values used during the repeated rounds of encryption. When the key is modified for each round, it provides added complexity that the attacker would encounter.

Learn more about Confusion

Congestion Avoidance is a technique used in networking to prevent network congestion by dynamically regulating data transmission to avoid packet loss and optimize network performance.

Learn more about Congestion Avoidance

Congestion Control is a network management technique that regulates data traffic flow to avoid network congestion and ensure efficient data transmission.

Learn more about Congestion Control

Congestion management is the process of controlling and optimizing network traffic flow to prevent network congestion and ensure efficient data transmission.

Learn more about Congestion Management

A console line is a physical or virtual interface that allows users to access and configure network devices, such as routers and switches, through a text-based command-line interface.

Learn more about Console Line

Container hardening is the process of securing and reducing vulnerabilities in containerized applications through various security measures such as restricting permissions, minimizing unnecessary software, and implementing encryption.

Learn more about Container Hardening

Securing container platforms like Kubernetes or Docker Swarm with access controls and resource isolation.

Learn more about Container Orchestration Security

A container registry is a storage system used to store and manage container images securely, allowing users to easily deploy and run containerized applications.

Learn more about Container Registry

Securing containerized applications

Learn more about Container Security

Container Vulnerability Scanning is the process of identifying, assessing, and managing vulnerabilities within containerized applications and their underlying infrastructure to prevent security breaches.

Learn more about Container Vulnerability Scanning

Is a large distributed system of servers deployed in multiple data centers across the internet.

Learn more about Content Distribution Network CDN

Context-Aware Access Control is a method of restricting access to resources based on the context of the access request, including factors like user identity, location, time of access, and the device being used.

Learn more about Context-Aware Access Control

Continuous Controls Monitoring is the process of automatically monitoring and assessing an organization's security controls in real-time to identify and address any compliance or security issues promptly.

Learn more about Continuous Controls Monitoring

Embedding security checks and automation throughout the software build, test, and release pipeline.

Learn more about Continuous Integration Continuous Deployment CICD Security

A Continuous Monitoring Plan is a structured approach that involves ongoing assessment of security controls, detection of security events, and implementation of proper responses to ensure real-time cybersecurity posture.

Learn more about Continuous Monitoring Plan

Regularly and automatically testing security defenses against real-world threats to identify gaps and improve defenses.

Learn more about Continuous Security Validation

The control plane in cybersecurity refers to the part of a network that is responsible for making decisions about where data should be sent and how it should get there.

Learn more about Control Plane

Control Plane Policing is a technique that helps to protect network devices by filtering and controlling the traffic that is destined for the control plane, preventing certain types of attacks from overwhelming the device's processing capabilities.

Learn more about Control Plane Policing

Control Plane Protection refers to securing the network infrastructure that manages and controls data traffic flow to prevent unauthorized access, disruption, or misuse of network resources.

Learn more about Control Plane Protection

Control Plane Security focuses on protecting the infrastructure and protocols used by network devices to manage traffic and maintain network operations.

Learn more about Control Plane Security

A cookie is a small piece of data stored on a user's computer by a web browser, typically used to remember information about the user or track their browsing behavior.

Learn more about Cookie

Copying the running-config refers to the process of saving the current configuration settings of a network device into its active memory, allowing for easy restoration or transfer of settings when needed.

Learn more about Copy Running-config

A correlation policy in cybersecurity refers to a set of rules and logic that analyzes and links different security events and logs to identify potential threats or attacks across an organization's network infrastructure.

Learn more about Correlation Policy

CoS (Class of Service) is a method for prioritizing and managing network traffic based on predefined levels of service quality to ensure specific data packets receive preferential treatment over others.

Learn more about CoS

CoS (Class of Service) is a way to prioritize and differentiate types of network traffic by assigning different levels of service quality based on packet marking or tagging.

Learn more about CoS (Class of Service)

An information flow that is not controlled by a security control and has the opportunity of disclosing confidential information.

Learn more about Covert channel

Covert Security Testing is an undetected cybersecurity assessment method that simulates real-world attacks to identify vulnerabilities by penetrating an organization's systems without triggering internal security mechanisms.

Learn more about Covert security testing

Automated use of stolen credentials

Learn more about Credential Stuffing

Blocking attacks that try known username-password pairs across multiple sites to compromise reused credentials.

Learn more about Credential Stuffing Prevention

Assets vital to an organizations operations.

Learn more about Critical assets

Essential protective measures to block or lessen the most common attacks, maintained by CIS.

Learn more about Critical Security Controls

A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked before their expiration date by a certification authority and is used to verify the validity of certificates.

Learn more about CRL

Tricking a user into unwanted actions

Learn more about Cross Site Request Forgery CSRF

Injection of malicious scripts in web pages

Learn more about Cross Site Scripting XSS

Cross-Cloud Policy refers to the set of rules and controls that govern the security and management of data and resources across multiple cloud environments simultaneously.

Learn more about Cross-Cloud Policy

This is achieved when the type I and type II are equal.

Learn more about Crossover Error Rate CER

The study of techniques for attempting to defeat cryptographic techniques and, more generally, information security services provided through cryptography.

Learn more about Cryptanalysis

A cryptographic map (Crypto Map) is a feature used in virtual private networks (VPNs) to define the encryption parameters and policies for securing network traffic between different locations or devices.

Learn more about Crypto Map

Protecting digital wallets, private keys, and exchanges from breaches, theft, and smart-contract exploits in crypto.

Learn more about Cryptocurrency Security

Resistance of an encryption algorithm to attacks.

Learn more about Cryptographic strength

Secret writing. Today provides the ability to achieve confidentiality, integrity, authenticity, non-repudiation, and access control.

Learn more about Cryptography

Unauthorized cryptocurrency mining

Learn more about Cryptojacking

The science that deals with hidden, disguised, or encrypted information and communications.

Learn more about Cryptology

The critical point where a material's intrinsic magnetic alignment changes direction.

Learn more about Curie Temperature

Responsible for protecting an asset that has value, while in the custodian's possession.

Learn more about Custodian

Managing and securing consumer-facing user accounts, ensuring streamlined registration, authentication, and data privacy.

Learn more about Customer Identity and Access Management CIAM

CVE (Common Vulnerabilities and Exposures) is a standardized list of publicly known cybersecurity vulnerabilities and exposures found in software and hardware products.

Learn more about CVE (Common Vulnerabilities and Exposures)

CVSS Score is a numerical representation of the severity of a vulnerability, providing a standardized method for assessing and prioritizing security risks.

Learn more about CVSS Score

A list of the most common and dangerous software vulnerabilities, compiled by CWE and the SANS Institute.

Learn more about CWE SANS Top 25

Defensive tools and techniques that mimic targets or assets to mislead attackers and gather intelligence on their methods.

Learn more about Cyber Deception Technology

Criminals demanding payment (often via ransomware or data leak threats) to restore access or avoid publicizing stolen data.

Learn more about Cyber Extortion

A policy covering costs related to cyber incidents, such as breach notifications, data recovery, or legal fees.

Learn more about Cyber Insurance

A framework outlining the common stages of a cyberattack, from reconnaissance to data exfiltration, helping defenders identify and disrupt threats.

Learn more about Cyber Kill Chain

Protecting systems that blend digital networks with real-world operations (like autonomous vehicles, medical devices, or smart buildings).

Learn more about Cyber Physical Systems Security

A simulated environment for running realistic cyber-attack drills and training defensive teams in an isolated setting.

Learn more about Cyber Range

An organization’s capacity to maintain operations under cyberattack and quickly recover from disruptions.

Learn more about Cyber Resiliency

Using quantitative methods to estimate potential financial and operational impacts of cyber threats, aiding in informed risk management decisions.

Learn more about Cyber Risk Quantification

A proactive approach to finding threats in an environment by analyzing current and historical data for indicators of compromise.

Learn more about Cyber Threat Hunting

Analysis of information about cyber threats

Learn more about Cyber Threat Intelligence CTI

Processes like planning, collection, analysis, and dissemination used to turn raw threat data into actionable intelligence.

Learn more about Cyber Threat Intelligence CTI Lifecycle

The use of digital attacks by nation-states or groups to disrupt or gain strategic advantage over adversaries’ information systems.

Learn more about Cyber Warfare

Cybersecurity is the practice of protecting computers, networks, and digital information from unauthorized access, theft, and damage. It's like a digital security system that guards your electronic devices and online accounts against hackers, viruses, and other cyber threats. Just as you lock your home to keep intruders out, cybersecurity uses technology, smart practices, and awareness to keep your digital life safe from online criminals who want to steal your personal information, financial data, or disrupt your digital activities.

Learn more about Cybersecurity

A U.S. DoD framework ensuring defense contractors demonstrate specific cybersecurity capabilities and processes.

Learn more about Cybersecurity Maturity Model Certification CMMC

Gathering info from hidden online forums and markets to spot leaked data or criminal plans early.

Learn more about Dark Web Intelligence

Layer for abstracting database interactions.

Learn more about Data access layer

Entails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category.

Learn more about Data classification

The person/role within the organization owner/controller.

Learn more about Data custodian

Conversion of data into a secure format

Learn more about Data Encryption

Data Encryption Standard (DES) is a symmetric key algorithm that encrypts and decrypts data in 64-bit blocks using a 56-bit key.

Learn more about Data Encryption Standard

Data exfiltration refers to the unauthorized transfer of data from a computer or network to an external location or attacker-controlled system.

Learn more about Data Exfiltration

This criteria requires sufficient test cases for each feasible data flow to be executed at least once.

Learn more about Data flow coverage

Data governance is a framework of policies, processes, roles, and metrics that ensures the effective and efficient use of information across an organization, establishing how data is controlled, accessed, and used while maintaining its quality, security, privacy, and compliance with regulations.

Learn more about Data Governance

A Data Handling Policy is a set of rules and procedures governing the collection, storage, access, and sharing of data within an organization to ensure data security and compliance with relevant regulations.

Learn more about Data Handling Policy

Data Integrity Verification is the process of ensuring that data remains unchanged and has not been tampered with during storage, transmission, or processing.

Learn more about Data Integrity Verification

Managing data throughout its lifecycle.

Learn more about Data lifecycle management

Data Lineage refers to the historical record of data's lifecycle, including its origins, movements, processes, and transformations, enabling visibility and control for data governance and compliance purposes.

Learn more about Data Lineage

The second layer of the OSI model for data transfer.

Learn more about Data link layer

Data Loss Prevention (DLP) refers to a set of tools and processes used to detect and prevent unauthorized access, transmission, or utilization of sensitive data within an organization.

Learn more about Data Loss Prevention (DLP)

Tools and processes designed to prevent unauthorized data exfiltration or accidental leakage.

Learn more about Data Loss Prevention DLP

Data Loss Scenario refers to a situation where critical information is permanently destroyed, made inaccessible, or stolen, posing significant risks to an organization's operations, reputation, and compliance with data protection regulations.

Learn more about Data Loss Scenario

Identifying and labeling data across an organization to track it properly for privacy and security compliance.

Learn more about Data Mapping Classification Tools

Hiding sensitive data with altered content

Learn more about Data Masking

Collecting and keeping only the data you really need to reduce breach risks and comply with privacy regulations.

Learn more about Data Minimization

Data Minimization Principle is the practice of limiting the amount of personal data collected by an organization to only what is necessary for a specified purpose and retaining it only for as long as needed, to reduce the risk of data breaches and protect individual privacy.

Learn more about Data Minimization Principle

A decision-making technique that is based on a series of analytical techniques taken from the fields of mathematics, statistics, cybernetics, and genetics.

Learn more about Data mining

An entity that collects or creates PII.

Learn more about Data owner controller

A Data Ownership Policy is a formal document that outlines the rights and responsibilities of individuals or entities in relation to the data they create, collect, or process within an organization.

Learn more about Data Ownership Policy

The Data Plane is the part of a network device responsible for forwarding and processing data packets based on specific rules and configurations.

Learn more about Data Plane

Data Plane Protection refers to security mechanisms implemented to safeguard the data forwarding process in networking devices such as routers and switches from cyber threats and unauthorized access.

Learn more about Data Plane Protection

Data Plane Security involves protecting the network traffic and data forwarding functions within a network or system from unauthorized access, modification, or interception.

Learn more about Data Plane Security

Data Sovereignty refers to the concept that data is subject to the laws and governance of the country in which it is located or where it was created.

Learn more about Data Sovereignty

The individual human related to a set of personal data.

Learn more about Data subject

Letting people request copies, corrections, or deletion of their personal data under laws like GDPR, CCPA, etc.

Learn more about Data Subject Access Rights

Data tokenization is the process of substituting sensitive data with unique identification symbols that retain essential data content and characteristics, thereby minimizing the risk associated with storing or transmitting the original data.

Learn more about Data Tokenization

Data transformation is the process of converting data from one format or structure into another, often done to improve data quality, integration, or compatibility.

Learn more about Data Transformation

A suite of application programs that typically manages large, structured sets of persistent data.

Learn more about Database Management System DBMS

Describes the relationship between the data elements and provides a framework for organizing the data.

Learn more about Database model

DDoS (Distributed Denial of Service) is a cyberattack where multiple compromised systems are used to flood the target with a high volume of traffic, rendering the service inaccessible.

Learn more about DDoS

Tools and services designed to detect and block Distributed Denial of Service attacks, keeping online resources available.

Learn more about DDoS Mitigation Services

A deauthentication attack is a type of cyber attack where an attacker sends fake deauthentication packets to a targeted device on a Wi-Fi network, causing it to disconnect from the network.

Learn more about Deauthentication Attack

A Debug Command is a software development tool used to identify and resolve programming errors and vulnerabilities in code.

Learn more about Debug Command

Decapsulation is the process of removing the headers added at each layer of the network protocol stack as data moves from the sender to the recipient.

Learn more about Decapsulation

A decentralized application (DApp) is a software application that operates on a decentralized network rather than a centralized server, utilizing blockchain technology for tasks such as data storage and transaction processing.

Learn more about Decentralized Application

Considered to be a minimum level of coverage for most software products, but decision coverage alone is insufficient for high-integrity applications.

Learn more about Decision branch coverage

The reverse process from encryption. It is the process of converting a ciphertext message back into plaintext through the use of the cryptographic algorithm and the appropriate key that was used to do the original encryption.

Learn more about Decryption

Inspection of packet data for analysis

Learn more about Deep Packet Inspection DPI

Identifying AI-generated or manipulated media impersonations before they fool the public or breach security.

Learn more about Deepfake Detection

Default Gateway is a network device, typically a router or firewall, that serves as an access point or intermediary for traffic between devices on a local network and external networks.

Learn more about Default Gateway

A default route is a network route used when there is no specific route in the routing table for a destination IP address.

Learn more about Default Route

Eliminating data using a controlled, legally defensible, and regulatory compliant way.

Learn more about Defensible destruction

Defending decentralized finance platforms from exploits—whether code, price manipulations, or malicious insiders.

Learn more about DeFi Security

Delay refers to the intentional slowing down or postponement of network traffic or data transmission for security purposes to prevent unauthorized access or attacks.

Learn more about Delay

Delegated Administration is the practice of assigning specific administrative privileges to designated individuals or groups for managing security settings and access controls within a system or network.

Learn more about Delegated Administration

Denial of Service (DoS) is a cyber attack that disrupts a network service by overwhelming it with a flood of illegitimate traffic, rendering it inaccessible to legitimate users.

Learn more about Denial of Service

A Designated Port is a port on a network switch that is selected as the forwarding port for a specific network segment, allowing data to be efficiently transmitted within that segment.

Learn more about Designated Port

Detection Engineering is the process of designing, implementing, and optimizing detection mechanisms within cybersecurity systems to identify and respond to security incidents effectively.

Learn more about Detection Engineering

Device inventory refers to the comprehensive list of all hardware and software components within an organization's network, helping to track and manage devices for security and compliance purposes.

Learn more about Device Inventory

Device Trajectory refers to the historical path and behavior of a computing device within a network or system, including its connections, activity, and interactions over time.

Learn more about Device Trajectory

DevNet Sandbox is a virtual environment provided by Cisco for developing, testing, and experimenting with applications and solutions in a controlled and secure setting.

Learn more about DevNet Sandbox

An approach based on lean and agile principles in which business owners and the development, operations, and quality assurance departments collaborate.

Learn more about DevOps

A collaborative culture and set of practices that integrates security activities into every phase of software development and operations.

Learn more about DevSecOps

DFS channels are additional radio frequencies in the 5 GHz band used by Wi-Fi devices to dynamically switch channels to avoid interference from radar systems, improving network performance and reliability.

Learn more about DFS Channels

DFS Compliance refers to the set of regulations outlined by the New York State Department of Financial Services (DFS) to ensure that financial institutions implement cybersecurity measures to protect sensitive data from unauthorized access or disclosure.

Learn more about DFS Compliance

DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to automatically assign IP addresses and configuration settings to devices connected to a network.

Learn more about DHCP

DHCP exclusion refers to a configuration setting in Dynamic Host Configuration Protocol (DHCP) servers that reserves specific IP addresses from being assigned to devices on the network to prevent conflicts or ensure certain addresses are not used.

Learn more about DHCP Exclusion

A DHCP Lease is the amount of time a DHCP server allows a device to use a specific IP address before requiring the device to renew the lease or acquire a new IP address.

Learn more about DHCP Lease

DHCP Relay is a networking mechanism that forwards Dynamic Host Configuration Protocol (DHCP) messages between clients and servers across different network segments to enable IP address assignment and configuration.

Learn more about DHCP Relay

DHCP Scope is a range of IP addresses that a DHCP server can allocate to devices on a network.

Learn more about DHCP Scope

DHCP Snooping is a security feature that filters and controls DHCP messages within a network to prevent rogue DHCP servers from assigning IP addresses to devices, thereby mitigating potential network attacks.

Learn more about DHCP Snooping

Direct Internet Access (DIA) is a network architecture that allows end-user devices to connect directly to the internet without having to pass through the organization's network security measures.

Learn more about DIA (Direct Internet Access)

Mixing “noise” into data or queries so you can’t pinpoint individuals while still extracting aggregate insights.

Learn more about Differential Privacy

Provided by mixing up the location of the plaintext throughout the ciphertext. The strongest algorithms exhibit a high degree of confusion and diffusion.

Learn more about Diffusion

An electronic document that contains the name of an organization or individual, the business address, the digital signature of the certificate authority issuing the certificate, the certificate holder's public key, a serial number, and the expiration date. Used to bind individuals and entities to their public keys. Issued by a trusted third party referred to as a Certificate Authority (CA).

Learn more about Digital certificate

Trail of data left online

Learn more about Digital Footprint

Investigation of digital evidence

Learn more about Digital Forensics

Investigating security incidents, gathering digital evidence, and coordinating actions to contain and mitigate damage.

Learn more about Digital Forensics and Incident Response DFIR

A broad range of technologies that grant control and protection to content providers over their own digital media. May use cryptography techniques.

Learn more about Digital rights management DRM

Monitoring and managing digital risks

Learn more about Digital Risk Protection

Discrete signals representing binary data.

Learn more about Digital signals

Digital Signature Algorithm (DSA) is a cryptographic algorithm used for generating and verifying digital signatures to ensure the authenticity, integrity, and non-repudiation of digital messages or documents.

Learn more about Digital Signature Algorithm

Provide authentication of a sender and integrity of a sender's message and non-repudiation services.

Learn more about Digital signatures

Direct Connect is a dedicated network connection between an on-premises network and a cloud service provider's network, providing a more secure and reliable way to transfer data compared to using the public internet.

Learn more about Direct Connect

Blocking malicious file path manipulations (like ../) to prevent reading or writing outside authorized dirs.

Learn more about Directory Traversal Mitigation

Disassociation Process is where a device disconnects from a Wi-Fi network to stop communicating with it, typically initiated by the device or access point.

Learn more about Disassociation Process

Strategies to recover from disasters.

Learn more about Disaster recovery

Those tasks and activities required to bring an organization back from contingency operations and reinstate regular operations.

Learn more about Disaster recovery DR

Discretionary Access Control is a cybersecurity mechanism that allows users to control access to resources based on the discretion of the resource owner.

Learn more about Discretionary Access Control

The system owner decides who gets access.

Learn more about Discretionary access control DAC

Disposition of Data refers to the process of determining whether data should be retained, deleted, or archived based on its value and regulatory requirements.

Learn more about Disposition of Data

Distance Vector Protocol is a routing algorithm that shares destination table information with neighboring routers based on distance and vector metrics, like hop count, to determine the best routes for data packets in a network.

Learn more about Distance Vector Protocol

A distribute-list is an access control mechanism used in routing protocols to filter routing updates based on configured criteria, allowing or denying the advertisement of specific routes.

Learn more about Distribute-list

A Distributed Denial of Service (DDoS) attack is a coordinated assault on network infrastructure or services where multiple compromised systems flood the target with overwhelming traffic from many sources simultaneously, exhausting server resources and bandwidth capacity, and preventing legitimate users from accessing the targeted system, website, or network service.

Learn more about Distributed Denial Of Service DDOS Attack

Decentralized transaction recording system

Learn more about Distributed Ledger Technology DLT

DKIM (DomainKeys Identified Mail) is a security protocol used to authenticate the source domain of an email message by adding a digital signature to its headers, thus verifying its integrity and preventing email spoofing and phishing attacks.

Learn more about DKIM

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol used to protect against domain spoofing and phishing attacks by verifying the authenticity of the sender's domain.

Learn more about DMARC

Email protocols that verify sender authenticity and reduce the risk of spoofing and phishing.

Learn more about DMARC SPF DKIM Email Security

DMVPN (Dynamic Multipoint Virtual Private Network) is a dynamic tunnels networking technology that allows multiple sites to communicate securely over the internet using a hub-and-spoke topology.

Learn more about DMVPN

A DMZ (demilitarized zone) is a network segment that acts as a buffer between a trusted internal network and an untrusted external network to provide an additional layer of security for protecting sensitive data and resources.

Learn more about DMZ

DNS (Domain Name System) translates domain names into IP addresses, allowing devices to locate resources on the internet.

Learn more about DNS

DNS Lookup is the process of translating a domain name into an IP address by querying the Domain Name System (DNS) servers.

Learn more about DNS Lookup

A protocol that encrypts DNS queries over HTTPS, improving privacy and blocking potential eavesdroppers.

Learn more about DNS over HTTPS DoH

A protocol that secures DNS queries using TLS to protect against interception or tampering.

Learn more about DNS over TLS DoT

Protecting the Domain Name System

Learn more about DNS Security

DNS Security Extensions (DNSSEC) is a set of protocols that adds cryptographic authentication to the Domain Name System (DNS) to ensure data integrity and prevent DNS spoofing and cache poisoning attacks.

Learn more about DNS Security Extensions

Enhancements to DNS that use cryptographic signatures to prevent domain spoofing and forgery.

Learn more about DNS Security Extensions DNSSEC

The DNS Server IP is the address of a Domain Name System server that translates domain names into IP addresses.

Learn more about DNS Server IP

Redirecting malicious or suspicious domain name queries to a controlled server, preventing attackers from communicating with command-and-control servers.

Learn more about DNS Sinkholing

DNS spoofing is a cyber attack where the attacker forges DNS responses to redirect legitimate traffic to malicious websites.

Learn more about DNS Spoofing

DNS-layer Security is a cybersecurity technique that protects networks by filtering and blocking malicious DNS requests before they can reach an organization's network, helping to prevent threats and attacks.

Learn more about DNS-layer Security

DNS64 is a mechanism that facilitates communication between devices using different IP versions by translating IPv6 addresses to IPv4 addresses and vice versa.

Learn more about DNS64

Digitally signing DNS records to stop attackers from redirecting users to fake sites.

Learn more about DNSSEC Implementation

Techniques to safeguard containerized applications, such as scanning images, restricting privileges, and isolating containers.

Learn more about Docker Security

Document Control is the process of managing, storing, and securing sensitive information to prevent unauthorized access, modification, or distribution, ensuring data integrity and confidentiality.

Learn more about Document Control

A method used by malware to generate many domain names for command-and-control servers, making them harder to track or block.

Learn more about Domain Generation Algorithm DGA

Domain lookup is the process of converting a domain name into an IP address using the Domain Name System (DNS) to locate resources on the internet.

Learn more about Domain Lookup

Domain Reputation refers to the assessment of a domain name's trustworthiness based on its historical behavior, such as spamming, phishing, or hosting malicious content, which can impact email deliverability and website ranking in search engines.

Learn more about Domain Reputation

Domain security refers to the measures and practices implemented to protect a domain, which is a group of networked computers sharing a common suffix in their hostnames, from unauthorized access, misuse, and cyber threats.

Learn more about Domain Security

A DoS (Denial of Service) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming it with a flood of superfluous requests, thereby rendering it inaccessible to legitimate users.

Learn more about DoS

Dot1Q is a standard protocol for tagging frames on an Ethernet network with a VLAN identifier.

Learn more about Dot1Q

Drive-by Download is a method used by cyber attackers to automatically download malicious software onto a victim's device when they visit a compromised website without their knowledge or consent.

Learn more about Drive-by Download

Drop Probability: The likelihood of a network device discarding or dropping a packet due to factors such as congestion, limited buffer capacities, or QoS policies in place.

Learn more about Drop Probability

DSCP (Differentiated Services Code Point) is a 6-bit value in an IP packet header used for Quality of Service (QoS) purposes to prioritize network traffic based on defined classes.

Learn more about DSCP

DUAL (Diffusing Update Algorithm) is a routing protocol used in networking to prevent loops and calculate the best path for data packets to reach their destination efficiently.

Learn more about DUAL

Dual Stack refers to the capability of supporting both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) simultaneously on a network or system.

Learn more about Dual Stack

A legal concept pertaining to the duty owed by a provider to a customer.

Learn more about Due care

Actions taken by a vendor to demonstrate/ provide due care.

Learn more about Due diligence

Duo MFA is a multi-factor authentication solution that adds an extra layer of security by requiring users to provide two or more forms of verification before granting access to a system or application.

Learn more about Duo MFA

Duplex mismatch occurs when network devices connected to each other have mismatched configurations regarding the transmission mode (half-duplex or full-duplex), causing communication issues and performance degradation.

Learn more about Duplex Mismatch

Dynamic ACL stands for Dynamic Access Control List, a type of access control list that can be modified in real-time to control traffic flow based on specified criteria such as source, destination, and type of traffic.

Learn more about Dynamic ACL

Testing live applications for security flaws.

Learn more about Dynamic application security testing DAST

Dynamic DNS is a service that automatically updates the domain name system records when the IP address of a device changes, allowing for seamless and reliable access to network resources.

Learn more about Dynamic DNS

Dynamic MAC Entry refers to an entry in a MAC address table that is automatically learned and updated by a network device without manual configuration, allowing for efficient network communication and management.

Learn more about Dynamic MAC Entry

Ports 49152 – 65535. Whenever a service is requested that is associated with Well- Known or Registered Ports those services will respond with a dynamic port.

Learn more about Dynamic or Private Ports

Dynamic Routing is a networking technique where routers automatically adjust the paths and update routing tables based on network topology and changing conditions.

Learn more about Dynamic Routing

Dynamic Secrets Management involves automatically creating, distributing, rotating, and revoking credentials or tokens used for authenticating and encrypting data in a constantly changing and secure manner to limit exposure and unauthorized access.

Learn more about Dynamic Secrets Management

When the system under test is executed and its behavior is observed.

Learn more about Dynamic testing

Dynamic Trunking Protocol (DTP) is a Cisco proprietary networking protocol used to negotiate, establish, and maintain trunk connections between networking devices.

Learn more about Dynamic Trunking Protocol (DTP)

EAP (Extensible Authentication Protocol) is a network authentication framework that allows for various methods of authentication, such as username/password, digital certificates, and biometrics, to validate a user's identity on a network.

Learn more about EAP

EAP Chaining is a method that involves the use of multiple Extensible Authentication Protocol (EAP) types in succession during the authentication process to enhance security and provide flexibility in network access control.

Learn more about EAP Chaining

EAP-FAST (Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling) is a protocol that facilitates secure communication during network authentication, providing mutual authentication and protection against various attacks.

Learn more about EAP-FAST

EAP-PEAP (Extensible Authentication Protocol - Protected Extensible Authentication Protocol) is a security protocol that encapsulates EAP within a secure tunnel created by Transport Layer Security (TLS).

Learn more about EAP-PEAP

EAP-TLS (Extensible Authentication Protocol-Transport Layer Security) is a security protocol that provides mutual authentication between a client and a server using digital certificates.

Learn more about EAP-TLS

Unauthorized interception of private communications.

Learn more about Eavesdropping Attack

eBGP (external Border Gateway Protocol) is a type of BGP routing where the connections are made between different autonomous systems.

Learn more about eBGP

Public key cryptography using elliptic curves.

Learn more about ECC

Edge Security refers to the protection of devices, data, and networks at the boundaries, such as IoT devices and remote endpoints, to secure the edge of the network from potential cyber threats.

Learn more about Edge Security

Monitoring outbound traffic to prevent unauthorized data transfers.

Learn more about Egress Filtering

Egress Queue is a buffer in networking devices where outgoing data packets are temporarily stored before being transmitted to their destination.

Learn more about Egress Queue

EIGRP (Enhanced Interior Gateway Routing Protocol) is a Cisco proprietary advanced distance-vector routing protocol used for routing data between routers within a network efficiently.

Learn more about EIGRP

EIGRP AS Number: A unique identifier within the Enhanced Interior Gateway Routing Protocol (EIGRP) used to distinguish between different autonomous systems exchanging routing information.

Learn more about EIGRP AS Number

EIGRP Feasible Distance is the best metric to a destination network through a specific path, calculated based on the sum of the outgoing interface's reported distance and the feasible distance of the neighboring router.

Learn more about EIGRP Feasible Distance

An EIGRP Feasible Successor is a backup route in Enhanced Interior Gateway Routing Protocol (EIGRP) that meets the feasibility condition and can be immediately used if the primary route fails.

Learn more about EIGRP Feasible Successor

EIGRP Hello Packet are small data packets sent at regular intervals by Enhanced Interior Gateway Routing Protocol (EIGRP) routers to discover and maintain neighbor relationships.

Learn more about EIGRP Hello Packet

EIGRP Metric is a value calculated by EIGRP routing protocol to determine the best path to reach a destination based on factors like bandwidth, delay, reliability, and load of the network links.

Learn more about EIGRP Metric

The EIGRP Reported Distance is the metric used to represent the total metric from a neighbor to a particular destination network in an EIGRP routing domain.

Learn more about EIGRP Reported Distance

EIGRP Successor is the router from which the best path to a specific network is known and used for forwarding packets in the Enhanced Interior Gateway Routing Protocol (EIGRP) routing protocol.

Learn more about EIGRP Successor

EIGRPv6 (Enhanced Interior Gateway Routing Protocol for IPv6) is a Cisco proprietary routing protocol designed for efficient routing within IPv6 networks, utilizing distance vector and link-state elements for route calculation.

Learn more about EIGRPv6

Ensuring voting systems and processes can’t be compromised, tampered, or sabotaged, protecting democratic integrity.

Learn more about Election Security

Email authentication is the process of verifying that an email message comes from a legitimate sender by validating the message's sender and ensuring its integrity through mechanisms like SPF, DKIM, and DMARC.

Learn more about Email Authentication

Email encryption is the process of encoding email messages to protect the content from unauthorized access, ensuring confidentiality and data integrity during transit or storage.

Learn more about Email Encryption

Techniques to protect email communications from threats.

Learn more about Email Security

A solution that filters and monitors email traffic to block spam, phishing, and malware before reaching end users.

Learn more about Email Security Gateway

Email Spoofing is a technique used by attackers to forge the sender's email address in order to appear as someone else, with the intent to deceive the recipient into taking a specific action.

Learn more about Email Spoofing

Embedded Event Manager (EEM) is a Cisco IOS software feature that enables the device to monitor events and take automated actions based on defined policies and triggers.

Learn more about Embedded Event Manager

Embedded Event Manager (EEM) is a feature on Cisco networking devices that allows for automated scripts to be triggered based on pre-defined event conditions.

Learn more about Embedded Event Manager (EEM)

A major banking Trojan turned malware distribution platform.

Learn more about Emotet

Layering or packaging data with protocol headers or methods for secure communication.

Learn more about Encapsulation

The action of changing a message into another format through the use of a code.

Learn more about Encoding

Converting plaintext to ciphertext using cryptographic algorithms.

Learn more about Encryption

Encryption from sender to recipient without exposure on intermediate servers.

Learn more about End to End Encryption

End-to-End Path Visibility in cybersecurity refers to the ability to monitor and track network communication from its source to its destination to identify potential security issues or performance problems.

Learn more about End-to-End Path Visibility

Endpoint Detection and Response (EDR) is a security technology that continuously monitors endpoint devices for malicious activity, providing real-time detection, investigation, and remediation capabilities to protect against advanced threats.

Learn more about Endpoint Detection And Response EDR

Putting real-time monitors on endpoints to spot and contain threats, surpassing traditional AV capabilities.

Learn more about Endpoint Detection and Response EDR Implementation

Integrated endpoint security solution

Learn more about Endpoint Protection Platform EPP

Security measures for devices

Learn more about Endpoint Security

Endpoint Security Control refers to a strategy that focuses on securing end-user devices such as desktops, laptops, and mobile devices from cyber threats through the implementation of security measures such as antivirus software, encryption, and intrusion detection/prevention systems.

Learn more about Endpoint Security Control

Enforced MFA refers to the mandatory implementation of Multi-Factor Authentication to add an additional layer of security by requiring users to provide multiple forms of verification to access a system or application.

Learn more about Enforced MFA

Enterprise Architecture Security refers to the practice of designing and implementing a secure framework that aligns with an organization's overall business goals and objectives.

Learn more about Enterprise Architecture Security

Measure of randomness crucial for secure cryptographic operations.

Learn more about Entropy

Systematic probing to discover network resources, accounts, or services.

Learn more about Enumeration

Environmental risk in cybersecurity refers to potential threats and vulnerabilities that arise from the physical infrastructure, geographical location, and external factors impacting an organization's information systems and data security.

Learn more about Environmental Risk

An ephemeral environment in cybersecurity is a temporary and short-lived system or network instance that is created for a specific purpose and is automatically destroyed once that purpose is fulfilled to reduce the risk of unauthorized access or data breaches.

Learn more about Ephemeral Environment

Ephemeral ports are temporary network ports used by client applications to communicate with servers, typically ranging from port numbers 49152 to 65535.

Learn more about Ephemeral Ports

Equal-cost Multi-path (ECMP) is a routing technique that enables the forwarding of packets along multiple paths of equal cost simultaneously for enhanced network efficiency and fault tolerance.

Learn more about Equal-cost Multi-path (ECMP)

ERSPAN (Encapsulated Remote Switch Port Analyzer) is a Cisco proprietary technology that extends the functionality of traditional port mirroring by encapsulating mirrored traffic in GRE (Generic Routing Encapsulation) for remote monitoring and analysis in a virtual or physical network environment.

Learn more about ERSPAN

Gaining higher access rights than intended, often through vulnerabilities.

Learn more about Escalation of Privileges

Escalation Procedure in cybersecurity is a predefined set of steps to follow when a security incident is identified to ensure proper reporting, investigation, and mitigation processes are activated promptly.

Learn more about Escalation Procedure

ESP (Encapsulating Security Payload) is a protocol within the IPsec protocol suite that provides confidentiality, integrity, and authentication for packets transferred over a network.

Learn more about ESP

EtherChannel is a technology used in networking to combine multiple physical links into a single logical link, providing increased bandwidth, redundancy, and load balancing capabilities.

Learn more about EtherChannel

EUI-64 (Extended Unique Identifier-64) is an identifier used in IPv6 addressing, where the 48-bit MAC address of a network interface card is extended to 64 bits by inserting "FFFE" in the middle.

Learn more about EUI-64

High-assurance SSL certificate showing verified company identity, historically recognized by browser UI indicators.

Learn more about EV Certificate

Event correlation is the process of analyzing and correlating multiple events from various sources to identify patterns, trends, and potential security incidents within a network or information system.

Learn more about Event Correlation

Gathering data for forensic analysis.

Learn more about Evidence collection

Evidence gathering in cybersecurity refers to the process of collecting digital data and information to investigate security incidents and assess potential threats to a system or network.

Learn more about Evidence Gathering

An evil twin is a rogue Wi-Fi access point that appears to be a legitimate one, set up to eavesdrop on wireless communications or deceive users into connecting to it instead of the real access point.

Learn more about Evil Twin

Rogue WiFi access point mimicking a legitimate one to steal data.

Learn more about Evil Twin Attack

Executive Risk Tolerance is the level of cybersecurity risk that executives are willing to accept within an organization's operations to achieve business objectives.

Learn more about Executive Risk Tolerance

Unauthorized transfer of data out of a system or network.

Learn more about Exfiltration

Technique to take advantage of vulnerabilities

Learn more about Exploit

Exploit Mitigation refers to techniques and mechanisms implemented to prevent or reduce the impact of security vulnerabilities that could be exploited by cyber attackers.

Learn more about Exploit Mitigation

Extended ACL (Access Control List) is a type of firewall rule that filters network traffic based on various criteria such as source/destination IP address, port numbers, and protocol types.

Learn more about Extended ACL

Extended Detection and Response (XDR) is a security solution that unifies multiple protection technologies into a cohesive system, collecting and automatically correlating data across multiple security layers—including email, endpoints, servers, cloud workloads, and networks—to detect sophisticated threats through advanced analytics, while providing enhanced visibility, investigation capabilities, and automated response actions from a single platform.

Learn more about Extended Detection and Response XDR

A digital certificate with stricter identity checks for higher assurance.

Learn more about Extended Validation EV Certificate

Exterior Gateway Protocol (EGP) is a routing protocol used to exchange routing information between different autonomous systems on the internet.

Learn more about Exterior Gateway Protocol

External Authentication is a process where a system verifies the identity of a user by relying on an external source, such as LDAP or Active Directory, instead of using internal credentials.

Learn more about External Authentication

External Risk Exposure is the potential vulnerability of an organization to threats originating from external sources, such as cyber attacks, natural disasters, or supplier disruptions, that can affect its operations and information systems.

Learn more about External Risk Exposure

An external Syslog server is a remote server that collects and stores log messages generated by devices in a network for security monitoring and analysis.

Learn more about External Syslog Server

An External Threat refers to risks originating from outside an organization's network or system that could potentially exploit vulnerabilities and compromise the security of the organization.

Learn more about External Threat

Fabric Border refers to the edge of a network fabric that enforces security policies and controls the flow of traffic between different network segments.

Learn more about Fabric Border

Fabric Control Plane is the component of a network fabric that manages and controls network traffic by directing packets to their intended destinations.

Learn more about Fabric Control Plane

Fabric Edge is a cybersecurity term that refers to the outer perimeter of a network security fabric, where traffic enters and exits the protected environment.

Learn more about Fabric Edge

Factory reset is the process of restoring a device to its original state by erasing all data and settings, usually done to troubleshoot issues or prepare the device for resale.

Learn more about Factory Reset

Fail close is a system configuration where access is denied by default if the security mechanisms fail or are unavailable, preventing unauthorized access to the system.

Learn more about Fail Close

Fail Open is a security design in which a system defaults to allowing access in the event of a failure, potentially exposing vulnerabilities.

Learn more about Fail Open

Failover detection refers to the process of identifying when a primary IT system or network component fails and automatically switching to a backup system to maintain continuous operations and avoid downtime.

Learn more about Failover Detection

A failover link is a secondary connection used to automatically redirect network traffic in case the primary link fails, ensuring continuous availability and reliability of the network.

Learn more about Failover Link

This is erroneous recognition either by confusing one user with another, or by accepting an imposter as a legitimate user.

Learn more about False Acceptance Rate Type II

Deceptive attacks pretending to come from someone else, complicating attribution and response decisions.

Learn more about False Flag Operations

This is failure to recognize a legitimate user.

Learn more about False Rejection Rate Type I

Fast Convergence refers to the speedy adaptation of network routing protocols to changes in network topology or conditions, minimizing downtime and ensuring efficient data transmission.

Learn more about Fast Convergence

Fast Secure Roaming enables devices to switch between access points seamlessly and securely in a wireless network.

Learn more about Fast Secure Roaming

A model allowing users to access multiple applications or domains with a single digital identity from a trusted provider.

Learn more about Federated Identity

Training AI models without gathering raw data centrally—devices or institutions keep their data locally, sending only model updates.

Learn more about Federated Learning

A lightweight encapsulation protocol, and it lacks the reliable data transport of the TCP layer.

Learn more about Fibre Channel over Ethernet FCoE

A protocol that enables strong, passwordless logins using hardware or built-in authenticators with public key cryptography.

Learn more about FIDO2 Authentication

A file policy establishes rules and restrictions for accessing, storing, and sharing files within an organization to ensure data security and compliance with regulatory requirements.

Learn more about File Policy

File Reputation refers to the assessment of a file's trustworthiness based on its history, source, and behavior to determine the likelihood of it being malicious.

Learn more about File Reputation

File sandboxing is a security mechanism that isolates and executes untrusted or potentially malicious files in a restricted environment to prevent them from affecting the larger system.

Learn more about File Sandboxing

File Trajectory refers to the path a file takes from its creation until it is accessed, modified, and distributed on a computer network, allowing for tracking and monitoring of file activities for security analysis and incident response purposes.

Learn more about File Trajectory

Malicious software that operates entirely in memory or leverages legitimate system tools rather than installing files on a disk.

Learn more about Fileless Malware

A fileless threat is a type of cyber attack that operates in computer memory without leaving traces on the file system, making detection and mitigation more challenging.

Learn more about Fileless Threat

Filtering refers to the process of inspecting and controlling incoming and outgoing network traffic based on predetermined criteria to prevent unauthorized access or malicious activities.

Learn more about Filtering

Firepower Services refer to advanced threat detection and mitigation capabilities provided by Cisco's Next-Generation Firewall technologies for network security.

Learn more about Firepower Services

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Learn more about Firewall

Firewall rule optimization is the process of refining and organizing firewall rules to enhance efficiency, security, and performance of network traffic filtering.

Learn more about Firewall Rule Optimization

Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules.

Learn more about Firewalls

Safeguarding low-level device software so attackers can’t tamper at startup or use persistent exploits.

Learn more about Firmware Security

Firmware Validation is the process of verifying the integrity and authenticity of firmware to ensure it has not been tampered with or altered maliciously.

Learn more about Firmware Validation

First Hop Redundancy refers to the method of having backup routers or switches available to maintain connectivity in case the primary fails.

Learn more about First Hop Redundancy

First Hop Redundancy Protocol (FHRP) is a network protocol that provides redundancy for the default gateway in a subnet by allowing multiple routers to work together to maintain network connectivity in case of a failure.

Learn more about First Hop Redundancy Protocol

Fleet management in cybersecurity refers to the centralized control and monitoring of a group of devices, such as computers or mobile devices, within an organization.

Learn more about Fleet Management

FlexConnect allows lightweight access points to direct user traffic locally without sending it back to the controller when connected to the network.

Learn more about FlexConnect

FlexVPN is a unified security framework in Cisco networking that provides secure communication over VPNs using various protocols and features such as IKEv2, Next-Generation Encryption (NGE), and Dynamic Multipoint VPN (DMVPN).

Learn more about FlexVPN

A floating static route is a backup route in a routing table that is configured with a higher administrative distance than the primary route, becoming active only when the primary route fails.

Learn more about Floating Static Route

Flooding is a type of cyber attack where a system is overwhelmed with excessive traffic, causing it to become slow or unavailable for legitimate users.

Learn more about Flooding

Flow Control manages data transmission speed between devices to prevent data loss through congestion or buffering in a network.

Learn more about Flow Control

Forensic Chain of Custody is the chronological documentation of the seizure, custody, control, transfer, analysis, and disposition of digital evidence, ensuring its integrity and admissibility in legal proceedings.

Learn more about Forensic Chain of Custody

Forensic Log Aggregator: A tool that collects and centralizes log data from various sources to aid in forensic investigations and security incident response.

Learn more about Forensic Log Aggregator

Preparedness for digital investigations.

Learn more about Forensic Readiness

Forensics in cybersecurity refers to the process of collecting, analyzing, and preserving digital evidence to investigate and respond to security incidents or cybercrimes.

Learn more about Forensics

Forward Delay is the time a Spanning Tree Protocol switch port remains in the Listening and Learning states to prevent loops in the network topology.

Learn more about Forward Delay

Forwarding in cybersecurity is the process of transmitting network traffic from one network device to another based on a set of predefined criteria.

Learn more about Forwarding

Fragmentation is the process of breaking up data packets into smaller units to transmit over a network and reassembling them at the destination to optimize network performance and efficiency.

Learn more about Fragmentation

Data represented at Layer 2 of the Open Systems Interconnection (OSI) model.

Learn more about Frame

FTP (File Transfer Protocol) is a standard network protocol used to transfer files from one host to another over a TCP-based network, providing a simple way to share and access files remotely.

Learn more about FTP

Full Packet Capture is the practice of capturing and recording all data packets that travel through a network for the purpose of analysis, investigation, or forensic examination.

Learn more about Full Packet Capture

Full Spectrum Cybersecurity refers to an approach that covers all aspects of security, including prevention, detection, response, and recovery, across networks, systems, applications, and endpoints.

Learn more about Full Spectrum Cybersecurity

A Full-Scope Penetration Test is a comprehensive security assessment that simulates real-world cyberattacks on an organization's systems, networks, and applications to identify vulnerabilities and assess the effectiveness of existing security controls.

Learn more about Full-Scope Penetration Test

Fuzz Testing is a software testing technique that involves inputting invalid, unexpected, or random data into an application to uncover vulnerabilities and potential security flaws.

Learn more about Fuzz Testing

A process to identify security control deficiencies by comparing current and desired states.

Learn more about Gap Analysis

GAP Assessment is a methodical process of evaluating an organization's current security measures against industry best practices to identify areas of weakness and potential vulnerabilities.

Learn more about GAP Assessment

Secure memory cleanup to prevent data leakage.

Learn more about Garbage Collection Security Context

GARP (Group Address Resolution Protocol) is a networking protocol used to map an IP address to a physical machine address on a local network.

Learn more about GARP

A network node that manages and filters traffic between networks.

Learn more about Gateway

A gateway firewall is a network security device that controls incoming and outgoing traffic based on a set of predefined security rules to protect a network from unauthorized access and threats.

Learn more about Gateway Firewall

GDPR (General Data Protection Regulation) is a European Union law that governs the handling of personal data and privacy for individuals within the EU and European Economic Area (EEA).

Learn more about GDPR

Adherence to EU data protection rules

Learn more about GDPR Compliance

EU rules demanding strong data protections and strict handling of personal info.

Learn more about GDPR Technical Requirements

Genie CLI is a Command Line Interface tool provided by Cisco that simplifies the configuration and troubleshooting of network devices running IOS or IOS XR software.

Learn more about Genie CLI

Location-based control method that restricts or allows digital access.

Learn more about Geofencing

Geofencing Policy is a set of restrictions or permissions that define an area in which an organization's network resources or data can be accessed based on the geographical location of the user or device.

Learn more about Geofencing Policy

Geolocation Access Control is a security measure that restricts access based on the geographical location of the user, helping to prevent unauthorized access to systems and data.

Learn more about Geolocation Access Control

Geolocation enforcement is a cybersecurity measure that restricts access to data or resources based on the geographic location of the user, helping to prevent unauthorized access from certain regions.

Learn more about Geolocation Enforcement

Geolocation filtering is a cybersecurity technique used to restrict access to resources based on the geographic location of the user's IP address.

Learn more about Geolocation Filtering

Attaching location data to files, which can pose security risks.

Learn more about Geotagging

A geotagging policy controls the use of location-based data on devices and in applications to prevent the exposure of sensitive information and mitigate privacy risks.

Learn more about Geotagging Policy

Geotagging Risk Mitigation refers to strategies and measures implemented to reduce the potential security risks associated with the automatic inclusion of geographic location data in digital content such as photos or social media posts.

Learn more about Geotagging Risk Mitigation

GETVPN (Group Encrypted Transport Virtual Private Network) is a Cisco proprietary technology that provides secure and scalable encrypted communication for IP multicast and unicast traffic within a private network.

Learn more about GETVPN

Stealth malware that deletes itself after execution.

Learn more about Ghostware

Git is a distributed version control system used for tracking changes in source code during software development.

Learn more about Git

GLBP (Gateway Load Balancing Protocol) is a Cisco proprietary protocol that allows multiple routers to share the workload of being a default gateway, providing redundancy and load balancing for increased network availability.

Learn more about GLBP

Hardware manipulation to bypass device security protections.

Learn more about Glitching

Global Config Mode is a setting in network devices that allows administrators to make extensive changes affecting the entire system configuration.

Learn more about Global Config Mode

Each call is transformed into digital data that is given a channel and a time slot.

Learn more about Global System for Mobiles GSM

A Global Unicast Address is a unique Internet Protocol version 6 (IPv6) address that identifies a single interface of a device and is globally routable on the IPv6 internet.

Learn more about Global Unicast Address

Security practices and tools for Linuxbased systems.

Learn more about GNULinux Security

Preconfigured secure system image used for standard deployments.

Learn more about Gold Image

Using advanced Google searches to find exposed security risks.

Learn more about Google Hacking

The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.

Learn more about Governance

A formal body of personnel who determine how decisions will be made within the organization and the entity that can approve changes and exceptions to current relevant governance.

Learn more about Governance committee

A Governance Risk Compliance Platform (GRC) is a unified solution that helps organizations manage and monitor governance, risk management, and compliance activities to ensure alignment with regulations and internal policies.

Learn more about Governance Risk Compliance Platform

Governance Structure in cybersecurity refers to the framework of policies, procedures, and decision-making processes that guide and control the overall security strategy and implementation within an organization.

Learn more about Governance Structure

Opensource encryption tool using publickey cryptography.

Learn more about GPG GNU Privacy Guard

Cryptographic key pair used for secure GPG encryption.

Learn more about GPG Key

GPG key management refers to the process of generating, storing, sharing, and revoking encryption keys used in GPG (GNU Privacy Guard) for secure communication and data protection.

Learn more about GPG Key Management

Graceful degradation refers to the ability of a system to maintain partial functionality and performance in the event of a failure or adverse conditions, rather than completely ceasing operation.

Learn more about Graceful Degradation

Graceful Restart is a feature in networking protocols that allows a system to restart without disrupting the forwarding of network traffic by temporarily maintaining existing connections and quickly resuming operation after the restart.

Learn more about Graceful Restart

Finetuned control over resource access based on user roles.

Learn more about Granular Access Control

Protecting GraphQL APIs through measures like query analysis, rate limiting, and schema validation to prevent malicious requests.

Learn more about GraphQL Security

Testing with partial internal knowledge.

Learn more about Gray box testing

Integrated framework for strategy, risk management, and compliance.

Learn more about GRC Governance Risk and Compliance

GRC Maturity Model is a framework that helps organizations assess, improve, and evolve their governance, risk management, and compliance capabilities across various cybersecurity domains.

Learn more about GRC Maturity Model

GRC tooling refers to software tools that facilitate Governance, Risk, and Compliance (GRC) processes within an organization.

Learn more about GRC Tooling

GRE (Generic Routing Encapsulation) is a tunneling protocol used to encapsulate a wide variety of network layer protocols inside virtual point-to-point links.

Learn more about GRE

GRE (Generic Routing Encapsulation) over IPsec is a technique to securely transmit encapsulated network packets using the IPsec protocol for encryption and integrity protection.

Learn more about GRE over IPsec

PKIbased framework for securing distributed computing grids.

Learn more about Grid Security Infrastructure GSI

Group Account Control (GAC) is a mechanism in Windows operating systems that manages user account permissions for groups of users, helping to maintain security and access control.

Learn more about Group Account Control

Group Membership Review is the process of regularly evaluating and managing access rights within a group to ensure that only authorized users have appropriate levels of access to resources, minimizing the risk of unauthorized access and data breaches.

Learn more about Group Membership Review

Windows feature for managing user and device configurations.

Learn more about Group Policy

Group Policy Object (GPO) is a collection of settings in a Microsoft Active Directory that define the behavior of users and computers in a network environment.

Learn more about Group Policy Object

Protected memory areas used to detect buffer overflows.

Learn more about Guard Pages

Guest VLAN segregates guest devices from the rest of the network to provide limited access and security controls to external users or devices.

Learn more about Guest VLAN

Guest Wireless is a separate network that provides internet access to non-employees or visitors while keeping them isolated from the organization's primary network to prevent potential security risks.

Learn more about Guest Wireless

Suggested practices and expectations of activity to best accomplish tasks and attain goals.

Learn more about Guidelines

A hardened image refers to a securely configured and fortified version of an operating system or software that has been strengthened to resist cyber attacks and unauthorized access.

Learn more about Hardened Image

OS with enhanced security configurations

Learn more about Hardened Operating System

Reducing vulnerabilities through configuration.

Learn more about Hardening

A Hardening Guide is a set of documented procedures and best practices designed to secure and protect a system, network, or application by reducing its attack surface and minimizing vulnerabilities.

Learn more about Hardening Guide

A secure chip or component that anchors all sensitive security processes in hardware.

Learn more about Hardware Root of Trust

A dedicated appliance for securely creating, storing, and managing cryptographic keys and performing encryption operations.

Learn more about Hardware Security Module HSM

Hardware Tamper Detection is a security mechanism used to detect unauthorized physical access or tampering with a device or hardware system, triggering alerts and safeguards to protect against potential breaches or attacks.

Learn more about Hardware Tamper Detection

A hardware token is a physical device that generates and stores secure authentication credentials for users to access systems and data, providing an additional layer of security beyond traditional passwords.

Learn more about Hardware Token

A hardware-based encryption module is a physical component integrated into a system that performs encryption and decryption processes using dedicated cryptographic hardware to secure data.

Learn more about Hardware-based Encryption Module

A way to prove message integrity and authenticity using a shared secret key and hashing.

Learn more about Hash based Message Authentication Code HMAC

A hash collision occurs when two different inputs produce the same output hash value in a hash function, potentially leading to security vulnerabilities.

Learn more about Hash Collision

Hash Collisions occur when two different inputs produce the same hash output in a cryptographic hash function.

Learn more about Hash Collisions

Hash cracking prevention refers to the measures taken to protect hashed data from being deciphered by unauthorized users through techniques such as salting, key stretching, and utilizing strong hashing algorithms like SHA-256.

Learn more about Hash Cracking Prevention

Accepts an input message of any length and generates, through a one-way operation, a fixed-length output called a message digest or hash.

Learn more about Hash function

Hashing is the process of converting input data (such as a password) into a fixed-size string of characters using a mathematical algorithm, commonly used in cybersecurity to securely store sensitive information.

Learn more about Hashing

A hashing algorithm is a mathematical function that converts an input into a fixed-size string of bytes, used primarily for data integrity verification and password storage in cybersecurity.

Learn more about Hashing Algorithm

Hashing algorithm strength refers to the level of security and resistance against attacks such as brute force or collision attacks provided by a specific hashing algorithm.

Learn more about Hashing Algorithm Strength

A hashing policy is a predefined set of rules and procedures that dictate how data should be transformed and protected through the use of cryptographic hash functions to maintain integrity and security.

Learn more about Hashing Policy

Head Drop refers to a social engineering technique where threat actors abruptly end a phone call to create a sense of urgency or confusion in the target, prompting them to disclose sensitive information or perform an action without due diligence.

Learn more about Head Drop

A flaw in OpenSSL’s heartbeat feature letting attackers read server memory, including keys or credentials.

Learn more about Heartbleed Vulnerability

A heatmap in cybersecurity refers to a visual representation of the intensity of attacks, network traffic, or vulnerabilities on a system or network, usually displayed in color-coded graphical format.

Learn more about Heatmap

Hello Time is a networking term that refers to the length of time a device waits between sending hello packets on a network to maintain link-state information and detect network failures or changes.

Learn more about Hello Time

Heuristic detection is a cybersecurity technique that identifies novel threats based on patterns, behaviors, or attributes rather than known signatures.

Learn more about Heuristic Detection

Hierarchical Quality of Service (QoS) is a network management technique that prioritizes and guarantees the quality of service delivery based on pre-defined policies and requirements across different levels or hierarchies within a network infrastructure.

Learn more about Hierarchical QoS

Design ensuring continuous operation.

Learn more about High availability

High availability design refers to a system or network architecture that is designed to ensure continuous operation and minimize downtime through redundancy, failover mechanisms, and fault tolerance.

Learn more about High Availability Design

High Entropy Secrets refer to cryptographic keys or passwords with a high level of randomness and unpredictability, making them difficult for attackers to guess or break.

Learn more about High Entropy Secrets

A high-fidelity alert in cybersecurity refers to an alert that has a low rate of false positives and accurately indicates a real security incident.

Learn more about High-Fidelity Alert

HIPAA (Health Insurance Portability and Accountability Act) is a United States legislation that establishes data privacy and security provisions for safeguarding medical information.

Learn more about HIPAA

HIPAA Compliance refers to adhering to the Health Insurance Portability and Accountability Act regulations that protect the privacy and security of healthcare information.

Learn more about HIPAA Compliance

U.S. regulation setting standards for protecting the confidentiality, integrity, and availability of electronic health information.

Learn more about HIPAA Security Rule

HMAC (Hash-based Message Authentication Code) is a cryptographic algorithm that combines a secret key with a hash function to produce a value ensuring data integrity and authenticity.

Learn more about HMAC (Hash-based Message Authentication Code)

Hold-down Timer is a mechanism used in networking protocols to prevent routing loops by delaying the acceptance of route changes for a specific period of time.

Learn more about Hold-down Timer

An approach enabling calculations on encrypted data without decrypting it, preserving data privacy during processing.

Learn more about Homomorphic Encryption

A honeynet is a network set up with intentionally known vulnerabilities to attract cyber attackers and observe their behaviors, tactics, and techniques for security research and analysis purposes.

Learn more about Honeynet

A honeypot is a decoy system deployed to attract and distract cyber attackers, allowing security professionals to monitor and analyze their activities to enhance threat intelligence.

Learn more about Honeypot

Machines that exist on the network, but do not contain sensitive or valuable data, and are meant to distract and occupy malicious or unauthorized intruders, as a means of delaying their attempts to access production data/assets.

Learn more about Honeypots honeynets

Decoy resource for detecting intrusions

Learn more about Honeytoken

Host Firewall Rules are configurations set on an individual device that dictate which incoming and outgoing network traffic is allowed or blocked based on defined criteria and policies.

Learn more about Host Firewall Rules

Host Hardening is the process of securing a computer system by reducing its attack surface through the implementation of various security measures such as disabling unnecessary services, applying security patches, and configuring settings to minimize vulnerabilities.

Learn more about Host Hardening

Host-Based Intrusion Detection is a cybersecurity technique that monitors and analyzes the internals of a single computing device for signs of malicious activities or policy violations.

Learn more about Host-Based Intrusion Detection

Hostname Resolution refers to the process of converting a human-readable hostname (e.g., www.example.com) into an IP address, allowing devices to locate and communicate with each other on a network.

Learn more about Hostname Resolution

HSRP stands for Hot Standby Router Protocol, a Cisco proprietary redundancy protocol used to provide high availability in a network by allowing multiple routers to work together in a group, with one router designated as the active router and others as standby routers ready to take over in case the active router fails.

Learn more about HSRP

Extra instructions (like CSP, HSTS) sent by websites to reduce XSS, clickjacking, or insecure transport exposures.

Learn more about HTTP Security Headers

HTTPS stands for Hypertext Transfer Protocol Secure, a protocol for secure communication over a computer network which is widely used on the Internet.

Learn more about HTTPS

An HTTPS server refers to a server configured to host websites or web applications that use the Hypertext Transfer Protocol Secure (HTTPS) to encrypt data transmitted between clients and the server, ensuring secure communication over the internet.

Learn more about HTTPS Server

Hybrid Cloud: A computing environment that combines public and private cloud infrastructure to enable data and application portability while providing greater flexibility and control over resources.

Learn more about Hybrid Cloud

Hybrid Cloud Security refers to a security strategy that safeguards data and applications in a computing environment that combines on-premises infrastructure with public and private cloud services.

Learn more about Hybrid Cloud Security

Hybrid Identity Management is the practice of securely managing and authorizing access to resources by integrating on-premises and cloud-based identity services to support hybrid IT environments.

Learn more about Hybrid Identity Management

Hybrid Routing Protocol is a routing protocol that combines characteristics of both distance vector and link-state routing protocols for more efficient and flexible routing in computer networks.

Learn more about Hybrid Routing Protocol

Hybrid Threat Simulation is a simulation technique that combines cyber and physical threats to test an organization's security defenses and response capabilities.

Learn more about Hybrid Threat Simulation

Hypervisor Security refers to the protective measures and safeguards implemented to secure the hypervisor, a software or firmware that creates and manages virtual machines, from cyber threats and unauthorized access.

Learn more about Hypervisor Security

IaaS (Infrastructure as a Service) is a cloud computing model where third-party providers deliver virtualized computing resources over the internet.

Learn more about IaaS

IAM Governance refers to the framework and processes put in place to ensure that identity and access management controls and policies align with the organization's security requirements, regulatory compliance, and best practices.

Learn more about IAM Governance

IAM Policy: A set of rules that specifies the permissions granted to entities within an Identity and Access Management system, determining what actions they can perform on resources.

Learn more about IAM Policy

IAM Policy Audit refers to the process of reviewing and evaluating the permissions and access controls defined within an Identity and Access Management (IAM) policy to ensure compliance with security requirements and best practices.

Learn more about IAM Policy Audit

iBGP (Internal Border Gateway Protocol) is an advanced routing protocol used within an autonomous system to exchange routing and reachability information between different routers to maintain a stable and efficient network.

Learn more about iBGP

ICMP (Internet Control Message Protocol) is a network protocol used to send error messages and operational information indicating issues with packet delivery in IP networks.

Learn more about ICMP

An ICMP flood is a type of Denial of Service (DoS) attack where a large volume of Internet Control Message Protocol (ICMP) packets are sent to overwhelm a target system, causing a disruption in its normal operations.

Learn more about ICMP Flood

ICS security, or Industrial Control System security, refers to the protection of networks and systems used to operate industrial processes and critical infrastructure from cyber threats.

Learn more about ICS Security

Identity and Access Management (IAM) is a system for managing digital identities and regulating resource access. It ensures that only authorized individuals receive the appropriate permissions through authentication and authorization controls.

Learn more about Identity And Access Management IAM

Cloud-based services that broker identity and access management (IAM) functions to target systems on customers' premises and/or in the cloud.

Learn more about Identity as a service IDaaS

Identity Broker: A system that mediates authentication and authorization between multiple trusted domains by securely exchanging identity information.

Learn more about Identity Broker

Identity brokering is a process where a trusted third-party service facilitates the secure exchange of identity information between different systems and applications, ensuring authentication and access control mechanisms are properly enforced.

Learn more about Identity Brokering

Identity claim verification is the process of confirming the authenticity of an entity's asserted identity in a digital environment through methods such as multifactor authentication or digital certificates.

Learn more about Identity Claim Verification

Identity Federation Protocols are standards that enable secure communication and exchange of identity information between different identity providers and service providers within a federated identity management system.

Learn more about Identity Federation Protocols

Identity Governance is the process of managing and ensuring that the right individuals have the appropriate access to information and resources within an organization.

Learn more about Identity Governance

Managing user identities, roles, and access rights to ensure compliance and minimize security risks.

Learn more about Identity Governance and Administration IGA

Identity Governance Framework (IGF) is a structured system that defines and manages users' roles, responsibilities, and access rights within an organization's IT environment to ensure security and compliance.

Learn more about Identity Governance Framework

Identity Lifecycle refers to the different stages through which a digital identity passes, including creation, management, usage, and termination, to ensure proper access control and security within an organization's network.

Learn more about Identity Lifecycle

Managing user identities and access.

Learn more about Identity management

The process of collecting and verifying information about a person for the purpose of proving that a person who has requested an account, a credential, or other special privilege is indeed who he or she claims to be and establishing a reliable relationship that can be trusted electronically between the individual and said credential for purposes of electronic authentication.

Learn more about Identity proofing

An Identity Provider (IdP) is a system that manages authentication and authorization processes, allowing users to access multiple applications or services with a single set of login credentials.

Learn more about Identity Provider

Identity store is a centralized repository that securely stores and manages digital identities, attributes, and credentials used for authenticating and authorizing users within a system or application.

Learn more about Identity Store

Identity Theft is the unauthorized acquisition and use of a person's personal information (such as Social Security number or financial data) for fraudulent purposes.

Learn more about Identity Theft

Identity threat detection and response is the process of identifying and mitigating risks associated with unauthorized access or use of user identities within an organization's systems and networks.

Learn more about Identity Threat Detection and Response

Identity verification process is a method used to confirm that an individual is who they claim to be by presenting authenticating credentials such as passwords, biometric data, or one-time codes.

Learn more about Identity Verification Process

Identity-Based Policy is a security measure that regulates access based on the user's verified identity and permission levels within a system or network.

Learn more about Identity-Based Policy

An Intrusion Detection System (IDS) is a security tool that monitors network or system activities for malicious activities or policy violations, alerts security personnel, and may even take automated actions to resolve the issue.

Learn more about IDS

IGMP (Internet Group Management Protocol) is a communication protocol used by IP hosts to report their multicast group memberships to multicast routers.

Learn more about IGMP

IGMP Querier is a network device that manages the Internet Group Management Protocol by sending queries to discover multicast group memberships on a local network segment.

Learn more about IGMP Querier

IGMP Snooping is a network switch feature that monitors Internet Group Management Protocol (IGMP) messages to efficiently manage multicast traffic by forwarding multicast traffic only to the ports interested in receiving it.

Learn more about IGMP Snooping

Interior Gateway Protocol (IGP) is a type of routing protocol used within an autonomous system to exchange routing information between routers.

Learn more about IGP

IKE (Internet Key Exchange): a protocol used to establish a secure, authenticated communication channel between two devices by negotiating encryption and authentication methods.

Learn more about IKE

IKE Phase 1 is the initial process in setting up a secure channel for communication through Internet Key Exchange (IKE) protocol, where peers authenticate each other and establish a secure connection using a defined set of parameters.

Learn more about IKE Phase 1

IKE Phase 2 is the phase of Internet Key Exchange (IKE) protocol where the actual secure data transfer occurs through the establishment of Security Associations (SAs) for encryption and authentication.

Learn more about IKE Phase 2

IKEv1 (Internet Key Exchange Version 1) is a protocol used to set up a security association (SA) for secure communication in IPsec VPN connections.

Learn more about IKEv1

IKEv2 (Internet Key Exchange Version 2) is a protocol used to establish security associations and negotiate cryptographic keys in IPsec VPNs for secure communication between devices.

Learn more about IKEv2

Immutable Infrastructure refers to a security concept where infrastructure components, once deployed, are considered immutable and any changes are managed through redeployment of new instances rather than modifying existing ones.

Learn more about Immutable Infrastructure

Immutable Logs are log files that cannot be altered or deleted, ensuring a tamper-proof record of system activities for security and compliance purposes.

Learn more about Immutable Logs

An Impact Flag is a method used in cybersecurity to mark and assess potential consequences and severity levels of security incidents or vulnerabilities.

Learn more about Impact Flag

Impersonation Attack is a type of cyber attack where the attacker pretends to be a legitimate entity to deceive individuals into providing sensitive information or access to systems.

Learn more about Impersonation Attack

Impersonation Protection is a cybersecurity measure that prevents unauthorized individuals from pretending to be someone else by utilizing authentication techniques such as multi-factor authentication and digital certificates.

Learn more about Impersonation Protection

Inbound filtering is the process of inspecting incoming network traffic to determine if it meets specified criteria and blocking or allowing it accordingly to protect the network from malicious activity.

Learn more about Inbound Filtering

Incident Analysis refers to the process of reviewing, examining, and interpreting security incidents to understand the impact, identify root causes, and improve an organization's security posture.

Learn more about Incident Analysis

An Incident Escalation Matrix is a predetermined hierarchical structure outlining the steps and levels of authority to be followed in escalating and responding to cybersecurity incidents within an organization.

Learn more about Incident Escalation Matrix

Incident handling is the process of responding to and managing security incidents, including identifying, analyzing, and mitigating the impact of security breaches on an organization's information technology systems and infrastructure.

Learn more about Incident Handling

Organized approach to handling incidents

Learn more about Incident Management

An Incident Playbook is a documented set of predetermined actions and procedures to follow in response to a cybersecurity incident.

Learn more about Incident Playbook

Handling security breaches

Learn more about Incident Response

Incident Response SLA stands for Incident Response Service Level Agreement - a formal agreement that outlines the specific timeframes within which an organization must respond to, contain, and recover from cybersecurity incidents, ensuring timely and effective incident management.

Learn more about Incident Response SLA

Incident Response Workflow in cybersecurity refers to a predefined process that outlines the steps to detect, respond, mitigate, and recover from security incidents within an organization.

Learn more about Incident Response Workflow

Incident scenarios refer to predefined plans outlining the step-by-step actions and procedures to follow in response to a cybersecurity incident.

Learn more about Incident Scenarios

Incident Simulation is a controlled exercise that imitates a real cybersecurity incident to assess an organization's incident response capabilities and improve readiness.

Learn more about Incident Simulation

Independent Validation is the process of verifying and validating cybersecurity controls, processes, or systems by an unbiased third party to ensure they meet security requirements and standards.

Learn more about Independent Validation

Indicator Enrichment is the process of enhancing security indicators with additional contextual information to improve the accuracy and relevance of threat detection and response mechanisms.

Learn more about Indicator Enrichment

An Indicator of Attack (IOA) is a sign or signal that suggests an ongoing or attempted compromise of a system or network by malicious actors.

Learn more about Indicator of Attack

Indicator of Compromise (IoC) refers to forensic evidence indicating a system has been breached, potentially including file hashes, IP addresses, domain names, and other artifacts used to detect and respond to cybersecurity incidents.

Learn more about Indicator of Compromise

Indicators of Attack are traces of malicious activities within a network that signify a potential breach or ongoing cyber threat.

Learn more about Indicators of Attack

Early-stage signs that a malicious act or tactic is in progress, focusing on the intent behind attacker actions.

Learn more about Indicators of Attack IoA

Indicators of Compromise (IoC) are artifacts or behaviors that potentially suggest the presence of malicious activity within a system or network.

Learn more about Indicators of Compromise

Forensic clues pointing to malicious activity, such as suspicious file hashes or network connections.

Learn more about Indicators of Compromise IoC

An Industrial Control System (ICS) is a network of interconnected hardware and software components used to manage and monitor industrial processes such as manufacturing, transportation, and energy production.

Learn more about Industrial Control System

Protecting the supervisory and control systems that manage industrial operations, such as manufacturing, power grids, or utilities.

Learn more about Industrial Control System ICS Security

Industrial Control System Security involves protecting critical infrastructure such as power plants and manufacturing facilities from cyber threats by implementing security measures to prevent unauthorized access or disruptions to these systems.

Learn more about Industrial Control System Security

An Industrial Firewall is a security device that safeguards industrial control systems from cyber threats by monitoring and controlling network traffic based on predetermined security rules.

Learn more about Industrial Firewall

Information Classification refers to the process of categorizing data based on its sensitivity and value to ensure appropriate protection measures are applied.

Learn more about Information Classification

Information Classification Policy is a set of guidelines that determine how data should be labeled, safeguarded, and accessed based on its sensitivity and criticality within an organization.

Learn more about Information Classification Policy

Information Flow Control refers to the process of regulating the movement of information between different levels of confidentiality or security within a system, ensuring that sensitive data is not improperly disclosed or accessed by unauthorized parties.

Learn more about Information Flow Control

Information governance is a framework that ensures information assets are formally managed throughout their lifecycle to support an organization's objectives, including regulatory compliance, risk management, and data quality.

Learn more about Information Governance

Information Handling Procedures are defined as the documented steps and guidelines detailing how organizations collect, store, process, and transmit sensitive information securely to maintain confidentiality, integrity, and availability.

Learn more about Information Handling Procedures

Information Lifecycle refers to the process of managing data from creation to disposal, including storage, access, usage, retention, and deletion, to ensure data security and regulatory compliance.

Learn more about Information Lifecycle

Information Protection Strategy is a comprehensive plan developed by an organization to safeguard sensitive data through a combination of technology, processes, and security measures.

Learn more about Information Protection Strategy

An Information Security Officer (ISO) is a professional responsible for overseeing and implementing an organization's information security strategy to protect against cybersecurity threats and ensure compliance with regulations and standards such as ISO 27001.

Learn more about Information Security Officer

An Information Sharing Policy is a set of rules and guidelines that govern the sharing of sensitive data within an organization or with external entities to manage and protect information assets effectively.

Learn more about Information Sharing Policy

Infrastructure as Code (IaC) is the practice of managing and provisioning computing infrastructure through machine-readable definition files, typically using automation tools such as Ansible, Terraform, or Chef.

Learn more about Infrastructure as Code (IaC)

Ensuring secure configuration and governance of infrastructure managed through code, such as scripts or templates.

Learn more about Infrastructure as Code IaC Security

Infrastructure as Code Security refers to the practice of securing and validating the automated provisioning and configuration of infrastructure components using code-based tools and techniques, such as security scanning, automated compliance checks, and secure coding practices.

Learn more about Infrastructure as Code Security

Infrastructure enumeration is the process of identifying and mapping out a target organization's network assets, such as servers, devices, and services, to gather information for potential attacks or security assessments.

Learn more about Infrastructure Enumeration

Infrastructure monitoring is the process of observing and managing the performance, availability, and security of an organization's IT systems, networks, and resources to ensure optimal operation and identify potential issues or security threats.

Learn more about Infrastructure Monitoring

Infrastructure obfuscation is the practice of hiding or obscuring details about a system's network configuration to make it more difficult for attackers to identify and exploit vulnerabilities.

Learn more about Infrastructure Obfuscation

Infrastructure threat modeling is the process of identifying potential threats, vulnerabilities, and security controls within an organization's network, systems, and infrastructure to assess and mitigate potential risks.

Learn more about Infrastructure Threat Modeling

Ingress Filtering is a security technique that examines incoming data packets to a network and allows or blocks them based on pre-defined security rules to prevent malicious traffic from entering the network.

Learn more about Ingress Filtering

Ingress Traffic refers to the incoming data packets that flow into a network or system from an external source, which can be monitored and controlled to protect against potential security threats.

Learn more about Ingress Traffic

Initial Access is the first stage in the Cyber Kill Chain framework where an attacker gains a foothold into a target system or network.

Learn more about Initial Access

A non-secret binary vector used as the initializing input algorithm, or a random starting point, for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment.

Learn more about Initialization vector IV

Inline Mode is a cybersecurity configuration where network traffic is actively inspected and controlled in real-time as it passes through a security device or system.

Learn more about Inline Mode

Inline Threat Prevention is a cybersecurity approach where security measures inspect and block potential threats in real-time as data flows through a network.

Learn more about Inline Threat Prevention

Inline refers to a cybersecurity system that actively inspects and filters network traffic in real-time, while in clear refers to the transmission of data in an unencrypted format over a network.

Learn more about Inline vs

**Input Policy:** Rules and guidelines establish for regulating and controlling the information entered into a system.

Learn more about Input Policy

Exposing raw database or file references so attackers can switch them to see or manipulate unauthorized data.

Learn more about Insecure Direct Object References IDOR

Inside NAT refers to Network Address Translation that translates private IP addresses to public IP addresses within a local network, allowing devices with private IP addresses to communicate with external networks.

Learn more about Inside NAT

Insider Activity Monitoring refers to the process of tracking and analyzing actions taken by individuals within an organization to detect and mitigate unauthorized or malicious activities that could pose a security risk.

Learn more about Insider Activity Monitoring

Managing risks from internal actors

Learn more about Insider Risk Management

Threat from within an organization

Learn more about Insider Threat

Insider Threat Analytics refers to the process of using tools and technologies to monitor, detect, and respond to insider threats within an organization's network and systems.

Learn more about Insider Threat Analytics

Insider Threat Management refers to the processes and tools implemented to detect, prevent, and respond to security threats posed by individuals within an organization who have access to sensitive information and systems.

Learn more about Insider Threat Management

An Insider Threat Playbook is a comprehensive document outlining procedures and protocols for detecting, responding to, and mitigating insider threats within an organization.

Learn more about Insider Threat Playbook

Insider Threat Simulation involves the controlled emulation of real-world scenarios to assess an organization's susceptibility to internal threats posed by employees, contractors, or partners.

Learn more about Insider Threat Simulation

A management technique that simultaneously integrates all essential acquisition activities through the use of multidisciplinary teams to optimize the design, manufacturing, and supportability processes.

Learn more about Integrated Process and Product Development IPPD

Integrated Risk Management (IRM) is a strategic approach to identifying, assessing, and mitigating risks across an organization by integrating risk management processes and data to provide a holistic view of risks.

Learn more about Integrated Risk Management

Integrated Risk Management Solution refers to a comprehensive approach that combines risk assessment, mitigation, and compliance processes into a unified platform to help organizations manage and respond to various risks effectively.

Learn more about Integrated Risk Management Solution

Guarding against improper information modification or destruction and includes ensuring information non-repudiation and authenticity.

Learn more about Integrity

Integrity Monitoring Tool is a cybersecurity software or system that continuously scans and monitors files and data to detect unauthorized changes or modifications, ensuring the integrity and security of the information.

Learn more about Integrity Monitoring Tool

Integrity Verification is the process of ensuring that data remains unchanged and has not been tampered with during transmission or storage.

Learn more about Integrity Verification

Intangible assets (notably includes software and data).

Learn more about Intellectual property

Intellectual Property Protection refers to the safeguarding of intangible assets such as copyrights, trademarks, and patents through measures like encryption, access controls, and legal frameworks to prevent unauthorized use or theft.

Learn more about Intellectual Property Protection

Intellectual Property Risk refers to the potential threats and vulnerabilities that may compromise the confidentiality, integrity, or availability of proprietary information, such as trade secrets, patents, or copyrights, and result in financial or reputational harm to an organization.

Learn more about Intellectual Property Risk

Intent-Based Networking is an approach to network management that enables automated orchestration and provisioning based on high-level business policies and objectives, rather than manual configuration of individual devices.

Learn more about Intent-Based Networking

Intent-Based Segmentation is a cybersecurity approach that dynamically enforces security policies based on user or device identity, regardless of network location, to prevent lateral movement of threats and restrict unauthorized access within a network.

Learn more about Intent-Based Segmentation

Inter-VLAN Routing allows communication between different virtual LANs (VLANs) by routing traffic between them at a layer 3 level in a network.

Learn more about Inter-VLAN Routing

Inter-VLAN Routing Security involves implementing measures to secure the communication between different virtual local area networks to prevent unauthorized access and maintain network integrity.

Learn more about Inter-VLAN Routing Security

Interactive Application Security Testing (IAST) is a dynamic application security testing method that combines elements of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to assess potential vulnerabilities in running applications during testing.

Learn more about Interactive Application Security Testing

Tools and techniques that identify security flaws in running applications by monitoring code execution and traffic in real time.

Learn more about Interactive Application Security Testing IAST

Interactive login restrictions refer to the controls and policies implemented to govern and limit user access to a system or network through interactive methods, such as requiring multi-factor authentication or restricting login times.

Learn more about Interactive Login Restrictions

Interactive Threat Emulation is a cybersecurity technique that actively tests and simulates various types of threats, such as malware or advanced persistent threats (APTs), in a controlled environment to assess an organization's security defenses and responses.

Learn more about Interactive Threat Emulation

An Interagency Agreement is a formal document outlining terms and conditions of cooperation and information sharing between two or more government agencies to enhance cybersecurity efforts.

Learn more about Interagency Agreement

Interconnection Risk refers to the potential security vulnerabilities that arise from the interconnected nature of systems, networks, and devices, increasing the risk of a security breach or data compromise.

Learn more about Interconnection Risk

Interface Config Mode is a networking term referring to a configuration mode on network devices, such as routers and switches, that allows users to configure settings specific to individual interfaces, such as IP addresses and VLAN assignments.

Learn more about Interface Config Mode

Interface Control involves specifying and implementing controls to manage interactions and data flows between different system interfaces to prevent unauthorized access and ensure secure communication.

Learn more about Interface Control

Interface Description: A detailed explanation of the input and output parameters, functions, and protocols required for the interaction between two or more systems or components.

Learn more about Interface Description

Interface Loopback is a virtual interface on a network device that allows it to send and receive data to itself for testing purposes without requiring an external connection.

Learn more about Interface Loopback

Interface Security Gateway is a network security appliance that monitors and controls data traffic between different network segments to protect against unauthorized access and threats.

Learn more about Interface Security Gateway

Interface Segregation refers to the practice of separating different network interfaces to enhance security by reducing the attack surface and limiting the impact of a potential breach.

Learn more about Interface Segregation

Interface Status refers to the current operational state of a network interface, indicating whether it is up or down, and can also provide details on connectivity and link speed.

Learn more about Interface Status

Interior Gateway Protocol (IGP) is a type of routing protocol used to exchange routing information within an autonomous system.

Learn more about Interior Gateway Protocol

Internal Audit Review is a systematic evaluation of an organization's internal controls and processes to assess compliance with regulations, identify vulnerabilities, and provide recommendations for improvement.

Learn more about Internal Audit Review

Internal Network Segmentation divides a network into smaller segments to enhance security by restricting access to sensitive data and limiting lateral movement in case of a breach.

Learn more about Internal Network Segmentation

Internal Penetration Test is a simulated cyberattack carried out by authorized professionals within an organization's network to assess the security of its internal systems, identify vulnerabilities, and strengthen defenses.

Learn more about Internal Penetration Test

Internal Threat Simulation is the practice of simulating cyber threats originating from within an organization's network to assess the effectiveness of internal security measures and response capabilities.

Learn more about Internal Threat Simulation

Provides a means to send error messages and a way to probe the network to determine network availability.

Learn more about Internet Control Message Protocol ICMP

Internet governance refers to the rules, policies, standards, and mechanisms that coordinate and shape how the Internet is used and managed globally.

Learn more about Internet Governance

Used to manage multicasting groups that are a set of hosts anywhere on a network that are listening for a transmission.

Learn more about Internet Group Management Protocol IGMP

Internet of Things (IoT) Security refers to the practices and measures designed to protect connected devices and networks from cyber threats and unauthorized access.

Learn more about Internet of Things Security

Is the dominant protocol that operates at the Open Systems Interconnection (OSI) Network Layer 3. IP is responsible for addressing packets so that they can be transmitted from the source to the destination hosts.

Learn more about Internet Protocol IPv4

Is a modernization of IPv4 that includes a much larger address field: IPv6 addresses are 128 bits that support 2^128 hosts.

Learn more about Internet Protocol IPv6

Interoperable access control is the capability of a system to integrate and communicate with other systems to efficiently manage and enforce access permissions across multiple platforms or technologies.

Learn more about Interoperable Access Control

Intrusion Detection is the process of monitoring and analyzing network or system activities for signs of unauthorized access, security breaches, or other malicious activity.

Learn more about Intrusion Detection

An Intrusion Detection System (IDS) is a cybersecurity tool that monitors a network or system for malicious activity or policy violations and alerts the appropriate personnel for further investigation or action.

Learn more about Intrusion Detection System (IDS)

A solution that monitors the environment and automatically recognizes malicious attempts to gain unauthorized access.

Learn more about Intrusion detection system IDS

An intrusion policy is a set of rules and guidelines that dictate how an organization will detect, prevent, and respond to unauthorized access attempts or intrusions on its network or systems.

Learn more about Intrusion Policy

Intrusion Prevention is a security system that actively monitors network traffic to block potential threats in real-time before they can compromise the system.

Learn more about Intrusion Prevention

Intrusion Prevention System (IPS) is a security solution that monitors and analyzes network traffic to detect and block malicious activities or unauthorized access attempts in real-time.

Learn more about Intrusion Prevention System (IPS)

A solution that monitors the environment and automatically takes action when it recognizes malicious attempts to gain unauthorized access.

Learn more about Intrusion prevention system IPS

Complete list of items.

Learn more about Inventory

Inverse Trust is a security model where access to a system is denied by default, requiring explicit permissions to be granted, typically employed in Zero Trust architectures for enhanced security.

Learn more about Inverse Trust

An Indicator of Compromise (IOC) is a piece of evidence or observable behavior that potentially indicates a computer system or network has been breached or compromised by an attacker.

Learn more about IOC (Indicator of Compromise)

IoT Asset Management involves the monitoring and control of Internet of Things devices to ensure they are secure, operational, and compliant with policies throughout their lifecycle.

Learn more about IoT Asset Management

A network of infected smart devices controlled by criminals for large-scale attacks.

Learn more about IoT Botnet

IoT device onboarding is the process of securely connecting a new Internet of Things (IoT) device to a network, typically involving authentication, configuration, and authorization mechanisms to ensure device integrity and secure communication.

Learn more about IoT Device Onboarding

Protecting internet-connected devices—from smart home gadgets to industrial sensors—by securing their data, interfaces, and networks.

Learn more about IoT Device Security

IoT hardening is the process of securing Internet of Things devices by implementing measures such as disabling unnecessary services, updating firmware regularly, and using strong authentication mechanisms to protect them from cyber threats.

Learn more about IoT Hardening

Security for Internet of Things devices

Learn more about IOT Security

IP Address Spoofing is a technique where an attacker modifies the source IP address of a packet to impersonate another system, allowing them to bypass security measures and potentially launch attacks.

Learn more about IP Address Spoofing

IP Addressing is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.

Learn more about IP Addressing

IP Blacklist Monitoring is the process of actively tracking and managing lists of IP addresses known for malicious activities, in order to prevent communication with those addresses and enhance network security.

Learn more about IP Blacklist Monitoring

IP Precedence is a 3-bit field in the IPv4 header used for differentiated services that signals the priority level of an IP packet.

Learn more about IP Precedence

IP reputation refers to a scoring system that evaluates the trustworthiness of an IP address based on its historical behavior in sending malicious or legitimate traffic.

Learn more about IP Reputation

IP Reputation Analysis is the process of evaluating the historical behavior of an IP address to determine the likelihood of it being involved in malicious activities such as spamming, phishing, or malware distribution.

Learn more about IP Reputation Analysis

IP SLA (Internet Protocol Service Level Agreement) is a feature in Cisco devices that measures network performance and availability by generating synthetic traffic and collecting data for analysis.

Learn more about IP SLA

IP SLA Responder is a feature that allows a network device to respond to IP SLA operations initiated by a sender, providing information on network performance and availability.

Learn more about IP SLA Responder

IP spoofing is a technique where an attacker falsifies the source IP address in a network packet to hide their identity or impersonate another device.

Learn more about IP Spoofing

IP whitelisting is a security measure that only allows access to a specified list of IP addresses or ranges, preventing unauthorized connections from other sources.

Learn more about IP Whitelisting

IPFIX (Internet Protocol Flow Information Export): A protocol used to export flow information on network traffic for traffic analysis and monitoring purposes.

Learn more about IPFIX

Intrusion Prevention System (IPS) is a network security technology that monitors and analyzes network traffic to detect and prevent cybersecurity threats like malware, ransomware, and denial-of-service attacks in real-time.

Learn more about IPS

An Intrusion Prevention System (IPS) event is a triggered action or alert by an IPS when it detects and actively blocks potentially malicious network activity or threats.

Learn more about IPS Event

IPsec (Internet Protocol Security) is a protocol suite used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session.

Learn more about IPsec

An IPsec profile in cybersecurity refers to a set of configurations that defines the encryption, authentication, and key exchange methods used to secure IP communications between network devices.

Learn more about IPsec Profile

IPsec VPN: A secure network connection that uses the IPsec (Internet Protocol Security) protocol suite to encrypt and authenticate data transmitted between two or more endpoints over the internet.

Learn more about IPsec VPN

The 32 bit internet addressing protocol.

Learn more about IPv4

IPv6 is the latest version of the Internet Protocol that provides unique addresses for devices connected to the internet and offers a larger address space compared to IPv4.

Learn more about IPv6

Making sure the new internet protocol (IPv6) isn’t misused for attacks like neighbor discovery spoofing or extension header exploits.

Learn more about IPv6 Security

IPv6 tunneling is a technique that encapsulates IPv6 packets within IPv4 packets to enable communication between IPv6 networks over an IPv4 infrastructure.

Learn more about IPv6 Tunneling

ISAKMP (Internet Security Association and Key Management Protocol) is a protocol used to establish Security Associations (SAs) and manage cryptographic keys in VPNs and other secure network communications.

Learn more about ISAKMP

ISE Guest Portal: A feature in Cisco Identity Services Engine that allows organizations to securely manage guest user access by providing a portal for onboarding, authentication, and authorization.

Learn more about ISE Guest Portal

ISL (Inter-Switch Link) is a type of virtual connection used in networking to facilitate communication between switches in a network.

Learn more about ISL

An ISO 27001 Control Objective refers to a specific goal aimed at ensuring the effectiveness and security of information management processes within an organization, in alignment with the ISO 27001 standard requirements.

Learn more about ISO 27001 Control Objective

An international standard specifying requirements for establishing, implementing, and continually improving an Information Security Management System.

Learn more about ISO IEC 27001

ISO/IEC 27001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization.

Learn more about ISO/IEC 27001

Isolation Environment: A security measure that separates sensitive systems or data from the rest of the network to prevent unauthorized access and reduce the impact of potential security breaches.

Learn more about Isolation Environment

IT Asset Management involves managing, monitoring, and maintaining an organization's hardware, software, and other technology assets to optimize their usage, ensure security, and support informed decision-making.

Learn more about IT Asset Management

IT General Controls are high-level security controls that govern an organization's overall IT environment, including controls over access, change management, and physical security.

Learn more about IT General Controls

IT Governance refers to the framework of policies, procedures, and responsibilities that guide and control an organization's information technology activities to ensure alignment with its goals and compliance with regulations.

Learn more about IT Governance

IT Risk Assessment is the process of identifying, analyzing, and evaluating potential risks to an organization's information technology systems and data.

Learn more about IT Risk Assessment

IT Security Strategy is a comprehensive plan that outlines an organization's approach to managing and securing its IT assets and infrastructure to protect against cybersecurity threats.

Learn more about IT Security Strategy

Jailbreaking Detection is the process of identifying and preventing unauthorized modifications to mobile devices that bypass security restrictions and can expose them to increased cybersecurity risks.

Learn more about Jailbreaking Detection

An API for database access in Java.

Learn more about JDBC

JIT Privilege Management is a cybersecurity approach that grants users elevated access rights only when needed for specific tasks, reducing the overall attack surface by limiting prolonged access to sensitive resources.

Learn more about JIT Privilege Management

The practice of having personnel become familiar with multiple positions within the organization as a means to reduce single points of failure and to better detect insider threats.

Learn more about Job rotation

JSON stands for JavaScript Object Notation, a lightweight data interchange format that is easy for humans to read and write and easy for machines to parse and generate.

Learn more about JSON

Granting elevated privileges or resources only when needed and revoking them immediately afterward to reduce exposure.

Learn more about Just in Time JIT Access

Just-in-Time Access refers to the practice of granting users only the permissions they need for a specific timeframe to reduce the attack surface and limit potential risks of unauthorized access.

Learn more about Just-in-Time Access

Just-in-Time Access Control restricts users' access privileges to only what is necessary for a specific time period to prevent unauthorized access and reduce security risks.

Learn more about Just-in-Time Access Control

Just-in-Time Authentication is a method where users are only prompted to authenticate when necessary to access a specific resource or perform a particular action, enhancing security by minimizing the exposure of authentication credentials.

Learn more about Just-in-Time Authentication

Just-In-Time Privilege Escalation is a scenario where permissions are temporarily elevated for a specific task or timeframe to reduce the risk of prolonged privileged access and potential security breaches.

Learn more about Just-In-Time Privilege Escalation

A compact token for secure information exchange.

Learn more about JWT

JWT Exploit Mitigation refers to strategies and measures implemented to prevent the misuse or abuse of JSON Web Tokens (JWT) to exploit vulnerabilities and gain unauthorized access to systems or resources.

Learn more about JWT Exploit Mitigation

Safeguarding JSON Web Tokens from misuse by enforcing correct signature validation, expiration, and storage.

Learn more about JWT Security

JWT Validation is the process of verifying the authenticity and integrity of JSON Web Tokens to ensure that the tokens have not been tampered with or forged.

Learn more about JWT Validation

Kerberos Authentication is a network authentication protocol that uses tickets to allow entities to prove their identity across a network.

Learn more about Kerberos Authentication

When different encryption keys generate the same ciphertext from the same plaintext message.

Learn more about Key Clustering

Key Compromise Recovery is the process of replacing cryptographic keys if they are believed to be compromised to prevent unauthorized access to encrypted data or systems.

Learn more about Key Compromise Recovery

Key Distribution Center (KDC) is a centralized system responsible for distributing cryptographic keys for secure communication within a network, commonly used in Kerberos authentication protocols.

Learn more about Key Distribution Center

Key Escrow is the process of securely storing encryption keys with a trusted third party to enable access in case of emergencies or for lawful interception purposes.

Learn more about Key Escrow

Securely exchanging cryptographic keys.

Learn more about Key exchange

The size of a key, usually measured in bits, that a cryptographic algorithm uses in ciphering or deciphering protected information.

Learn more about Key Length

Managing the lifecycle of cryptographic keys.

Learn more about Key management

Key Management Lifecycle refers to the complete process of generating, using, storing, and ultimately destroying cryptographic keys in a secure and well-managed manner to ensure data confidentiality and integrity.

Learn more about Key Management Lifecycle

The input that controls the operation of the cryptographic algorithm. It determines the behavior of the algorithm and permits the reliable encryption and decryption of the message.

Learn more about Key or Cryptovariable

Key Performance Indicator (KPI) is a measurable value that demonstrates how effectively a company is achieving its key business objectives in the field of cybersecurity.

Learn more about Key Performance Indicator

Key Recovery is the process of retrieving or reconstructing cryptographic keys that have been lost, damaged, or compromised from a secure storage or backup mechanism.

Learn more about Key Recovery

Key revocation strategy is a procedure implemented by an organization to invalidate and make inactive cryptographic keys that are compromised, lost, or no longer authorized for use.

Learn more about Key Revocation Strategy

Key Rotation Policy is a cybersecurity practice of regularly generating new cryptographic keys to replace old ones to enhance security and reduce vulnerability to attacks.

Learn more about Key Rotation Policy

Key Vault Access Monitoring refers to the process of observing and evaluating access to cryptographic keys and secrets stored in a Key Vault to detect and respond to unauthorized or suspicious activities.

Learn more about Key Vault Access Monitoring

Keystore Rotation is the process of regularly updating cryptographic material, such as public and private keys, stored in a keystore to enhance security and prevent unauthorized access to sensitive information.

Learn more about Keystore Rotation

Keystroke Dynamics is a behavioral biometric authentication method that identifies individuals based on their unique typing patterns on a keyboard.

Learn more about Keystroke Dynamics

Keystroke Injection Prevention is a security measure that safeguards a system against unauthorized injection of keystrokes by malicious actors, typically through hardware or software solutions such as keystroke encryption or validation mechanisms.

Learn more about Keystroke Injection Prevention

The Kill Chain is a cybersecurity model that describes the stages of a cyber attack, from initial reconnaissance to achieving the primary objective.

Learn more about Kill Chain

Kill Chain Modeling is a method that maps out the stages of a cyberattack, from initial reconnaissance to final exploitation, in order to understand and defend against potential threats.

Learn more about Kill Chain Modeling

A mathematical statistical and visualization method of identifying valid and useful patterns in data.

Learn more about Knowledge Discovery in Databases KDD

Known Plaintext Attack is a cryptanalysis attack where the attacker has access to both the ciphertext and the corresponding plaintext, allowing for the decryption of other ciphertexts encrypted with the same key.

Learn more about Known Plaintext Attack

Practices and tools to protect container orchestration clusters, including configuration hardening and network segmentation.

Learn more about Kubernetes Security

L2TP (Layer 2 Tunneling Protocol) is a protocol used to create virtual private networks (VPNs) by encapsulating data packets within Layer 2 headers to ensure secure transmission over the internet.

Learn more about L2TP

In networking, a Label Stack refers to multiple labels used in MPLS (Multiprotocol Label Switching) to steer packets through a network efficiently.

Learn more about Label Stack

Label switching is a technique used in computer networking where data packets are forwarded based on labels attached to them, allowing for efficient and scalable routing in multiprotocol environments like MPLS networks.

Learn more about Label Switching

Label-Based Access Control is a security model that regulates access to resources based on security labels assigned to users and resources, ensuring only users with the right clearance level can access specific information.

Learn more about Label-Based Access Control

LACP (Link Aggregation Control Protocol) is a networking protocol that enables the bundling of multiple network connections in parallel to increase throughput and provide redundancy.

Learn more about LACP

A land attack is a type of network-based Denial of Service (DoS) attack where the attacker sends packets with a forged source IP address to a target machine causing it to reply to itself, ultimately overloading the system.

Learn more about Land Attack

Language-Agnostic Policy Enforcement refers to the capability of enforcing security policies and controls without being dependent on the programming language or technology used in the software application or system.

Learn more about Language-Agnostic Policy Enforcement

The technique attackers use to move from one compromised system or account to another within a network to gain higher privileges or deeper access.

Learn more about Lateral Movement

Encryption relying on difficult lattice math that remains secure even against quantum computing breakthroughs.

Learn more about Lattice based Cryptography